On Fri, 2002-09-20 at 09:40, Ron Johnson wrote: > On Thu, 2002-09-19 at 23:25, Debian wrote: > > On Thu, Sep 19, 2002 at 11:20:42PM -0500, Ron Johnson wrote: > > > On Thu, 2002-09-19 at 21:19, Egor Tur wrote: > > > > Hi Folks! > > > > How write the ssh method in sources.list correctly? > > > > > > What do you mean? > > > > I think he is asking for a method which to get his packages using > > ssh. To my knowledge there is no such method besides setting up > > a tunnel. Maybe Im worng. > > Oh. If you use an authoritative source (like ftp://ftp.us.debian.org) > and since packages are signed and automatically checked during install, > is there any practical need for encrypted downloads? Do you live in the future? Debian 4.0 or so? To my knowledge, although Release files are signed, packages are not, and not even the Release file signatures are usually checked. :-/ So, theoretically, the need for trusted downloads exists today. Or the need for the security infrastructure to be completed. cheers -- vbi -- secure email with gpg http://fortytwo.ch/gpg NOTICE: subkey signature! request key 92082481 from keyserver.kjsl.com
Attachment:
signature.asc
Description: This is a digitally signed message part