* Daniel Barclay <daniel@fgm.com> [060202 22:21]:
[..]
> No--the command apt-key doesn't exist in sarge.
Quoting from Message-ID: <[🔎] 20060202165807.GA1204@schmehl.info>:
=====
> Where does Debian (or debmirror?) store the public key that debmirror
> uses to validate Release files?
Take a look at "man debmirror", it's listed in the files-section.
=====
In the manpage of debmirror you can find everything you need to know:
=====
FILES
~/.gnupg/pubring.gpg
Debmirror uses gpg to verify Release and Release.gpg using the
default keying ~/.gnupg/pubring.gpg. This can be changed by
exporting GNUPGHOME resulting in $GNUPGHOME/pubring.gpg being used.
To add the right key to this keyring you can import it from the
debian keyring (in case of the debian archive) using:
gpg --keyring /usr/share/keyrings/debian-role-keys.gpg --export \
"Debian Archive Automatic Signing Key (2005)" | gpg --import
or download the key from a keyserver:
gpg --keyserver keyring.debian.org --recv-keys <key ID>
<key ID> for debian and 2005 is 4F368D5D and can be found in the
gpg error message from debmirror -v output.
=====
Note that this manpage mentions a "Debian [..] Key (2005)", after taking
a look at your calendar, you might want to get the 2006 key, too.
Yours sincerely,
Alexander
--
http://learn.to/quote/
http://www.catb.org/~esr/faqs/smart-questions.html
Attachment:
signature.asc
Description: Digital signature