[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssh method in sources.list

On Fri, 2002-09-20 at 02:58, Adrian von Bidder wrote:
> On Fri, 2002-09-20 at 09:40, Ron Johnson wrote:
> > On Thu, 2002-09-19 at 23:25, Debian wrote:
> > > On Thu, Sep 19, 2002 at 11:20:42PM -0500, Ron Johnson wrote:
> > > > On Thu, 2002-09-19 at 21:19, Egor Tur wrote:
> > > > >     Hi Folks!
> > > > > How write the ssh method in sources.list correctly?
> > > > 
> > > > What do you mean?
> > > 
> > > I think he is asking for a method which to get his packages using 
> > > ssh.  To my knowledge there is no such method besides setting up 
> > > a tunnel.  Maybe Im worng.
> > 
> > Oh.  If you use an authoritative source (like ftp://ftp.us.debian.org)
> > and since packages are signed and automatically checked during install,
> > is there any practical need for encrypted downloads?
> 
> Do you live in the future? Debian 4.0 or so?

Not the future, but an alternate universe...

> To my knowledge, although Release files are signed, packages are not,
> and not even the Release file signatures are usually checked.

Ah!  This is disturbing.  

-- 
+------------------------------------------------------------+
| Ron Johnson, Jr.     mailto:ron.l.johnson@cox.net          |
| Jefferson, LA  USA   http://members.cox.net/ron.l.johnson  |
|                                                            |
| "What other evidence do you have that they are terrorists, |
|  other than that they trained in these camps?"             |
|   17-Sep-2002 Katie Couric to an FBI agent regarding the 5 |
|   men arrested near Buffalo NY                             |
+------------------------------------------------------------+
Reply to: