Re: apt-get and authentication
Rick Pasotto said...
> On Sun, Oct 23, 2005 at 02:09:19PM +0100, marc wrote:
> > Ephemeral root said...
> > > Quoting Rick Pasotto <rick@niof.net>:
> > >
> > > > Why has apt-get started giving me this message:
> > > >
> > > > WARNING: The following packages cannot be authenticated!
> > >
> > > That's part of apt 0.6's new security feature. You must add to your
> > > apt set-up the gpg public key of the archives where you downloaded
> > > the packages. I think this has already been done for you if you
> > > download only official Debian packages.
> >
> > I think that this change has been very badly managed. I saw these
> > messages and had no idea what had changed and what was required of me
> > to "correct" the "problem".
> >
> > Worse, there is no reference to apt-key in the man pages of aptitude
> > or apt-get, which is where, I suspect, most folk would first look for
> > clues.
> >
> > Neither was there an announcement in debian.user.news
> >
> > > For adding the keys of unofficial sites, read the man page,
> >
> > Thanks for advertising apt-key's existence :-o It might also help folk
> > to know about man apt-secure.
> >
> > That said, I couldn't work out what steps I am supposed to take from
> > those man pages.
> >
> > > I hope my explanation doesn't read like a man page.
> >
> > Not all all. It was clear, precise and understandable on first
> > reading, without references to a minimum of a dozen documents of
> > required reading, usually recursively, before being remotely
> > comprehensible. But I suspect that you were writing for an audience of
> > human beings :-)
> >
> > Now, does anyone know what actions we are supposed to take?
>
> This seems to have worked for me:
>
> apt-get install debian-keyring
That seems to be the trick. I wonder why it wasn't made a mandatory
install.
--
Best,
Marc
Reply to: