Re: secure apt

To: debian-user@lists.debian.org
Subject: Re: secure apt
From: Simo Kauppi <swk@nic.fi>
Date: Sun, 23 Oct 2005 13:20:18 +0300
Message-id: <[🔎] 20051023102018.GO5235@a85-156-196-68.elisa-laajakaista.fi>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 1130024905.20210.6.camel@localhost>
References: <20051022071608.4943c627.crc1021@myrealbox.com> <[🔎] 20051022201952.GB1728@tennyson.dodds.net> <[🔎] 1130024905.20210.6.camel@localhost>

On Sun, Oct 23, 2005 at 09:48:25AM +1000, David Pastern wrote:
> On Sat, 2005-10-22 at 13:19 -0700, Steve Langasek wrote:
> 
> > Hi Eric,
> > 
> > On Sat, Oct 22, 2005 at 07:16:08AM -0500, Eric wrote:
> > > I recently upgraded testing and receive the new apt (version 0.6.41).
> > > I have not been able to get it to stop nagging.
> > 
> > > "apt-key add /usr/share/apt/debian-archive.gpg"
> > > but that returns
> > > "gpg: no ultimately trusted keys found
> > > OK"

Did you run this as root. If not, try running it as root, because
/etc/apt/trustdb.gpg is owned by root and mode 0600.

> > > "apt-key update" returns
> > > "ERROR: Can't find the archive-keyring
> > > Is the debian-keyring package installed?"
> > 
> > > I have debian-keyring installed.

There seems to be a bug in apt-key, as it tries to use
/usr/share/keyrings/debian-archive-keyring.gpg, but debian-keyring
doesn't have it. debian-keyring has
/usr/share/keyrings/debian-role-keys.gpg instead.

> > > Also, should the "-y" switch in aptitude skip past the security nag? 

I don't know if -y would do that, but you could try
apt-get --allow-unauthenticated

> Eric - I can add the key using the apt-key command, and I get OK, and no
> error message about no trusted keys found.  I can't run apt-key update
> successfully, I get the same error message as you do.  apt-key list does
> list keys though.  
> 
> > Please direct questions of this sort to debian-user; debian-testing is not
> > intended to be a general support forum for testing.
> > 
> > Thanks,
> 
> Actually, I think it's quite reasonable to post the query here, since
> it's a version of apt available from testing.  And this is
> debian-testing.  I do have to say that I find the debian mailing lists
> the most short, and inflexible mailing lists I've ever subscribed to.
> It's no wonder Debian is losing users to Ubuntu etc, you might want to
> compare the Ubuntu lists to the Debian mailing lists.  
> 
> Dave
> 
> PS No, I don't use Ubuntu, I don't even like Ubuntu.

Simo
-- 
:r ~/.signature

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Re: secure apt
  - From: Steve Langasek <vorlon@debian.org>
- Re: secure apt
  - From: David Pastern <david@dia.net.au>

Prev by Date: How to make a rescue disk ?
Next by Date: Re: xdvi gets updated only if it is active window
Previous by thread: Re: secure apt
Next by thread: New package suggestion - scanbuttond - extension of sane packages
Index(es):
- Date
- Thread