Re: apt-get and authentication

To: debian-user@lists.debian.org
Subject: Re: apt-get and authentication
From: Ephemeral root <ephemeroot@bluebottle.com>
Date: Sat, 22 Oct 2005 22:23:40 -0500
Message-id: <[🔎] 1130037820.435b023c4a0c9@bluebottle.com>
In-reply-to: <[🔎] 20051022160308.GP29318@niof.net>
References: <[🔎] 20051022160308.GP29318@niof.net>

Quoting Rick Pasotto <rick@niof.net>:

> Why has apt-get started giving me this message:
> 
> WARNING: The following packages cannot be authenticated!

That's part of apt 0.6's new security feature. You must add
to your apt set-up the gpg public key of the archives where
you downloaded the packages. I think this has already been
done for you if you download only official Debian
packages.

For adding the keys of unofficial sites, read the man page,
or better, google for "apt-key". This assumes of course the
maintainer signs his unofficial archive by creating the
necessary Release (md5sum and sha1sums of the available
packages) and Release.gpg (the detached gpg signature of
the Release file).

You can also try to create the Release and Release.gpg files
yourself by using "apt-ftparchive." But that's a longer
story (one that took me three days of googling  to figure
out).

I hope my explanation doesn't read like a man page.

Reply to:

Follow-Ups:
- Re: apt-get and authentication
  - From: marc <gmane@auxbuss.com>

References:
- apt-get and authentication
  - From: Rick Pasotto <rick@niof.net>

Prev by Date: Re: Kernel 2.4.31 does not compile on Debian sid/unstable?
Next by Date: Re: Ready to join the club..
Previous by thread: apt-get and authentication
Next by thread: Re: apt-get and authentication
Index(es):
- Date
- Thread