[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: update messages

On Fri, Dec 29, 2006 at 11:01:00AM +0100, Florian Kulzer wrote:
> On Thu, Dec 28, 2006 at 23:14:23 +0000, Digby Tarvin wrote:
> [...]
> > I'm still stuck with the big red warning box complaining about the
> > missing public key for multimedia.org after an update, and I'm still
> > not clear if this is normal and expected (which would be annoying), or
> > something specific to me (which would be worrying).
> > 
> > If it is the former, I would have thought it would be better to
> > just have some way of just not signing packages rather than signing
> > with a key that can't be checked. 
> Marillat's key is not part of the debian-archive-keyring package,
> therefore it is not added to apt's trusted keys automatically. You can
> download it from the usual public key servers or you can take it from
> the debian-keyring package. The latter method is more secure because the
> integrity of the debian-keyring package is checked by apt before
> installation. Once this package is installed you can run
> gpg --no-default-keyring --keyring /usr/share/keyrings/debian-keyring.gpg -a --export 07DC563D1F41B907 | sudo apt-key add -
> (The first two options make sure that the key is taken from the Debian
>  keyring; the rest tells gpg to export the key in ASCII-armored format,
>  which can be piped to apt-key directly.)

Ah - that did it. I already had the debian-keyring package installed, but
didn't realise that last step was necessary to make the required key
visible to apt...

Digby R. S. Tarvin                                          digbyt(at)digbyt.com

Reply to: