Re: Missing public keys in aptitude - SOLVED (Sarge debmirror case)
Florian Kulzer wrote:
Yann Lejeune wrote:
...
...
gpg --armor --export keyid | apt-key add -
...
wget http://ftp-master.debian.org/ziyi_key_2005.asc -O - | apt-key add -
wget http://ftp-master.debian.org/ziyi_key_2006.asc -O - | apt-key add -
...
I think that these things don't work for the people using Sarge and
debmirror; ...
Right -- apt-key does not (seem to) exist in Sarge.
> (The fact that this question was inserted into a thread
about aptitude in Sid makes it more difficult to give an appropriate
answer, of course.)
(Yeah, it does seem to have jumped from my debmirror-in-sarge thread
to this one.)
So let me try again:
It seems to me ("man debmirror", search for "key") that debmirror
expects to find the archive signing key in the public keyring of the
user which runs it, i.e.
~/.gnupg/pubring.gpg
Therefore I think it will be enough to import the signing key with gpg:
gpg --keyserver keyring.debian.org --recv-keys 2D230C5F
(with 2D230C5F being the key ID of the 2006 archive signing key), as
long as you run this command as the same user who will later run debmirror.
I hope this works.
Yes, that seems to have worked (with the modification that for Sarge
it's the key with ID 4F368D5D ("Debian Archive Automatic Signing Key
(2005) <ftpmaster@debian.org>").
When will I need to get a new key (regarding Sarge)? For example,
if/when 3.1r2 is created, will its Release.gpg file be signed using
the 2005 key (the key that was current when Sarge was first released
(3.1r0)), or will it be signed using the key that is current when
3.1r2 is released?
Thanks,
Daniel
Reply to: