Re: mini-dinstall, repository signing and apt-get authentication
On Tue, Jul 25, 2006 at 02:33:04PM +0100, Neil Williams wrote:
[...]
> I've generated a gpg key to sign the Release files and I'm using
> mini-dinstall on the server. It appears to be working, Release and
> Release.gpg are created and gpg can verify that the signature is good.
[...]
> Yet apt-get update doesn't seem to locate Release.gpg correctly:
>
> Ign http://www.linux.codehelp.co.uk packages/unstable/all/ Release.gpg
[...]
Looks like it's trying to retrieve:
http://www.linux.codehelp.co.uk/packages/unstable/all/Release.gpg
...when you instead provide:
http://www.linux.codehelp.co.uk/packages/unstable/Release.gpg
I just use a dirty shell script with apt-ftparchive to generate a
little mini-repository of my projects like so:
#!/bin/sh
cd debian
rm -f Contents.bz2 Contents.gz Packages.bz2 Packages.gz Release \
Release.gpg Sources.bz2 Sources.gz
apt-ftparchive contents . > Contents
bzip2 -k Contents
gzip -9 Contents
apt-ftparchive packages . > Packages
bzip2 -k Packages
gzip -9c Packages > Packages.gz
apt-ftparchive sources . > Sources
bzip2 -k Sources
gzip -9c Sources > Sources.gz
apt-ftparchive release . > Release
rm Packages Sources
gpg --armor --default-key ="Jeremy Stanley <fungi@yuggoth.org>" \
--detach-sign --output Release.gpg Release
This has been working fine for me with apt-get/apt-key so far.
--
{ IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657);
SMTP(fungi@yuggoth.org); IRC(fungi@irc.yuggoth.org#ccl); ICQ(114362511);
AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fungi@yuggoth.org);
MUD(fungi@katarsis.mudpy.org:6669); WWW(http://fungi.yuggoth.org/); }
Reply to: