[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository


while I'm actually in favor of adding this package because it makes it a lot
easier to obtain a trustpath to the backports.org repo, which is important
to our users, it's not true that there isnt a documented trusted path to 
install the key.

It's documented here: http://wiki.debian.org/DebianEdu/Documentation/Etch/HowTo/Administration#head-136bb7e75e07e8b6463e6b30761ac51776c5c27d

# add backports.org repo to /etc/apt/sources.list
echo "deb http://www.backports.org/debian etch-backports main contrib non-free" >> /etc/apt/sources.list
# install the debian-keyring securily:
aptitude install debian-keyring
# fetch the backports.org key insecurily:
gpg --keyserver pgpkeys.pca.dfn.de --recv-keys 16BA136C
# check securily if the key is correct and add it to root's keyring if it is:
gpg --keyring /usr/share/keyrings/debian-keyring.gpg --check-sigs 16BA136C && gpg --export 16BA136C | apt-key add -
# update the list of available packages:
aptitude update

But it's really quite complicated and a lot to type :)

So I would definitly prefer a package, optionally with a low-priority debconf
question (for preseeding mostly) to also edit to sources.list :-)


Attachment: pgpGLfG93fToS.pgp
Description: PGP signature

Reply to: