Re: compiling packages on va
joey@kitenet.net (Joey Hess) wrote on 08.02.98 in <[🔎] 19980208204914.64341@kite>:
> Kirk Hilliard wrote:
> > In theory, the 128 bit "message digest" could be created on the remote
> > machine, brought back to the local machine for encryption, and the
> > result sent back to the remote machine for generation of the
> > document's signature. I don't think that pgp currently supports this,
> > but it wouldn't be too hard to implement. Is this a desired feature?
>
> Since all that actually gets pgp signed is the changes file, which is small,
> all you really need to do is something like:
>
> cat file.changes | ssh yourcomputer pgp -f -sta > file.changes.asc
>
> At least something like that, you get the idea. I've used some variation of
> this, and it can be made to work, but I don't have the details available
> now.
Hmm. It should be possible to write a "pgp" script (to put in the path
while doing dpkg-buildpackage) that transparently signs files using pgp on
another machine. Since it uses only a small part of the pgp interface,
that shouldn't be too hard. Base it on the above. Maybe we could even get
pgp to ask locally for it's pass phrase? I think it uses the controlling
terminal.
MfG Kai
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: