First time backports install: authentication issues
I couldn't find the following issue on the backports.org domain, so I'll ask it here:
I'm doing the first-time install of a backport on debian etch.
deb http://www.backports.org/debian etch-backports main contrib non-free
to sources.list and doing an apt-get update, I get, as expected:
Reading package lists... Done
W: GPG error: http://www.backports.org etch-backports Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY EA8E8B2116BA136C
W: You may want to run apt-get update to correct these problems
As mentioned in the download instructions, I need to install the backports keyring:
apt-get install debian-backports-keyring
However, that one cannot be authenticated:
WARNING: The following packages cannot be authenticated!
Install these packages without verification [y/N]?
Any software can be cricital software and I'm not running debian stable to get my system unstable by some untrusted software, so to just to take the overly paranoia approach: How can I know if I can trust this?
Is the alternative way mentioned on: http://www.backports.org/dokuwiki/doku.php?id=instructions
gpg --keyserver hkp://subkeys.pgp.net --recv-keys 16BA136C
gpg --export | apt-key add -
Furthermore: thank you for making these packages available!