[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Is Debian Repeat Secure?

Not a direct answer to your question, but, when I was using Ubuntu I had
a script that I was using to make about 300 packages, I only had to type
in my key once or twice. I have been trying to work out how to do it on
Debian but so far have come up short.


On Sun, 2010-09-19 at 01:58 -0400, Martin Owens wrote:
> Hey all,
> Building debs for ppa uses gpg and signs each source package build in
> two different places requiring the unlocking of the gpg key twice.
> I've been running a script which builds 4 packages for 3 ubuntu releases
> which comes to typing in my gpg passphraise 24 times in succession (more
> if I get it wrong).
> Should I be concerned that possible snoopers have 24 opportunities to
> watch my passphraise in physical space? And if typing in the passphraise
> a lots of times isn't important, why have a passphraise at all?
> Isn't this sort of problem what timed keyrings are for?
> Thoughts?
> Martin,

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: