[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: non-us.debian.org having problems?

Hash: SHA1

A long time ago, in a galaxy far, far way, someone said...

> >btw, i'm getting timeouts on security.debian.org too (looks like
> >it's hosted from the same network as non-us)
> I can't find a mirror of security.debian.org.  Is there one?

There isn't one.  Ethan Benson posted to debian-user sometime in the last
week or two why:  it basically comes down to "how do you know the package
wasn't tampered with after it was downloaded from security.debian.org?"
(IIRC).  Once apt can check pgp/gpg keys I'm sure their'll probably be
some "official" mirrors set up.

That said, there's nothing keeping you from mirroring it yourself for
local use - I do that myself, just for situations like this.

One of my mirrors is on tux.creighton.edu.  The entry for sources.list is

deb http://tux.creighton.edu/debian potato updates/main

if you want to trust that I haven't altered anything :)  The entire tree
should be there, with the exception of the slink updates.

- -- 
- ----------------------------------------------------------------------
Phil Brutsche				    pbrutsch@tux.creighton.edu

GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D  7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org


Reply to: