Hi. I'm new to this list so let me give some introduction, to provide some context for my questions: To be up front, I'm not a regular Debian user... I used to be years ago, but then I fell in love with Gentoo and the whole source-based distro paradigm. However, I run Debian in a VM through qemu-kvm, which I am using to learn how to make .deb packages and also to test them. In the short term, I'm simply concerned about being able to create good .deb packages which I can upload to my Web site, though eventually I'll trying getting some of my packages put into Debian proper. Hopefully this is the right list for me... there are so many Debian lists that I wasn't sure, but a Debian user directed me here. So, my first question: Is there some nifty command or trick to (properly) GPG sign a .deb package /after/ I've finished making it? I've been following the "Debian New Maintainers' Guide" PDF, which seems to be working out for me; however, I don't actually keep my code signing keys inside the virtual machine, so when I run "dpkg-buildpackage" certain files in the package don't get signed. I was hoping I could do the signing on my own system after I had moved the package out of the virtual machine, but I'm not sure what the proper procedure would be. -- frigidcode.com indicium.us
Attachment:
signature.asc
Description: OpenPGP digital signature