Re: Packages getting created without signature
Storing your passphrase in a file or ENV variable is never "safe" as told in
documents and by mentors.
but what if you want to enter the passphrase number of times or you want a
cron job or a script to do use gpg?
than here's what i found:
gpg's default home dir is ~/.gunpg (you can change it using --homedir
option, using this option will, upto some extent provides at-least some
security as no one knows where your default directory is)
create a file gpg.conf in that folder and edit it to contain text as
thats all is required.
Michael Lamothe wrote:
> I think that the -k is used to specify which key to use. You can have
> multiple GPG keys.
> I don't know the "safe" way to do what you're asking. But if you find
> out please let me know. :)
> On 13/12/2007, cobaco (aka Bart Cornelis) <firstname.lastname@example.org> wrote:
>> On Thursday 13 December 2007, iluvlinux wrote:
>> > but one more information i need is i have to give -k option to
>> > dpkg-buildpackage command
>> > ie $ dpkg-buildpackage -rfakeroot -k<KEY> -sgpg
>> the '-rfakeroot' is no longer necessary when using dpkg >= 1.14.7, as in
>> that case dpkg will use fakeroot by default if present
>> Cheers, cobaco (aka Bart Cornelis)
> To UNSUBSCRIBE, email to debian-mentors-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
View this message in context: http://www.nabble.com/Packages-getting-created-without-signature-tp14292654p14331749.html
Sent from the debian-mentors mailing list archive at Nabble.com.