[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Apt-move and pgp signing

Simo Kauppi wrote:
> James Vahn wrote:
>>         # Set this to key name to be used for signing Release files.
>>         SIGNINGKEY=
>>                    ^^^^^^^^
>> What is it wanting me to put there? 
> Hi,
> I haven't used apt-move, but from the gpg point of view the name is
> either the name of the user or the key-id. In your case C633A12A or
> "James Vahn".
> The problem here is that apt-move uses gpg in batch mode and in batch
> mode it cannot ask you your passphrase. In that case you shoudn't use
> passphrase with your signing key.

Exactly. I get the same error running apt-move's internal gpg command
directly. Remove "--batch" and it asks for a passphrase. That isn't
going to work from a script at all.

> Have a look at http://www.gnupg.org/documentation/faqs.html#q4.14

I got as far as "gpg --homedir . --edit C633A12A" which created two
new files: secring.gpg and pubring.gpg ..  Unfortunately I was not given
the option to use "passwd" as per the instructions, and pointing apt-move
to "secring.gpg" or "C633A12A" gave me the all too familiar error messages.

Gpg is complicated; the instructions are lengthy and unclear, the FAQ
creates more questions. An ugly mess. If I find the solution it will be
by accident and I will not trust it. :)

I really appreciate the clues though. I'm at my wits end with this and
am up against a wall, but you've knocked a brick loose for me - thank

My next step will likely involve examining dfsbuild's source code and
seeing if there's a way to disable the GPG requirement. I suspect that
will be a far simpler task.. <chuckle>

Reply to: