[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: update messages

On Thu, Dec 28, 2006 at 23:14:23 +0000, Digby Tarvin wrote:


> I'm still stuck with the big red warning box complaining about the
> missing public key for multimedia.org after an update, and I'm still
> not clear if this is normal and expected (which would be annoying), or
> something specific to me (which would be worrying).
> If it is the former, I would have thought it would be better to
> just have some way of just not signing packages rather than signing
> with a key that can't be checked. 

Marillat's key is not part of the debian-archive-keyring package,
therefore it is not added to apt's trusted keys automatically. You can
download it from the usual public key servers or you can take it from
the debian-keyring package. The latter method is more secure because the
integrity of the debian-keyring package is checked by apt before
installation. Once this package is installed you can run

gpg --no-default-keyring --keyring /usr/share/keyrings/debian-keyring.gpg -a --export 07DC563D1F41B907 | sudo apt-key add -

(The first two options make sure that the key is taken from the Debian
 keyring; the rest tells gpg to export the key in ASCII-armored format,
 which can be piped to apt-key directly.)


Reply to: