Re: Debian packages without md5sums
On Tue, 11 Sep 2007 11:15:53 -0700, Andrew Sackville-West wrote:
> On Mon, Sep 10, 2007 at 09:17:59PM +0000, Felix Karpfen wrote:
>>
>> The fault is mine/my setup. My connection to the internet is slow;
>> hence I am reduced to using the DVDs for upgrades. Although I procured
>> the "official" Etch DVD set from a supplier listed by Debian, there were
>> numerous notifications during the "dist-upgrade" that I was installing
>> "untrusted packages".
>
> these errors (untrusted packages) have to do with the new secure-apt
> system which uses gpg keys to confirm the signatures on
> packages. Install the debian-archive-keyring package and then update.
>
The package was installed by default during the upgrade to Etch. But
the documentation on how to use it is sparse. A new (December 2003!) apt
routine - apt-key - can now be invoked and offers the following options:
| Usage: apt-key [command] [arguments]
|
| Manage apt's list of trusted keys
|
| apt-key add <file> - add the key contained in <file> ('-' for stdin)
| apt-key del <keyid> - remove the key <keyid>
| apt-key update - update keys using the keyring package
| apt-key list - list keys
But how do you use the key(s) listed in "/etc/apt/trusted.gpg" to
authenticate the individual installed packages?
I have no wish to re-invent the wheel - even if I knew how. A pointer to
documentation would help. I have the gpg package installed and have used
it occasionally to sign my emails; but there must be a routine for using
the Etch Stable Release Key for checking 1000+ installed Debian
packages.
An afterthought:
Does "untrusted" have the meaning assigned in "gpg" - i.e. "the content
has not been altered, but the signer is unknown"?
If so, then I am worrying about nothing!!
>>
>> Is there an alternative to "aptitude update" or do I have to live with the
>> missing md5sums and "untrusted packages"?
>
> there is not really any alternative to "aptitude update"
If the update needs to be done while "online", it is probably a lost
cause.
Thank you for taking the time to point me in the right direction.
Felix Karpfen
--
Felix Karpfen
Public Key 72FDF9DF (DH/DSA)
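
An added example, not part of the original message and not apt's own code: secure-apt does not sign each .deb individually. The archive key signs the Release file, Release lists checksums of the Packages indices, and each Packages stanza lists the checksum of one .deb. The sketch below checks that hash chain over constructed sample data and assumes the signature on Release was already checked separately, for example with `gpgv --keyring /etc/apt/trusted.gpg Release.gpg Release`; all function names are hypothetical.

```python
import hashlib

def sha256_index(release_text, header="SHA256:"):
    """Parse the ' <hash> <size> <path>' lines under a Release checksum header."""
    entries, active = {}, False
    for line in release_text.splitlines():
        if line.startswith(" ") and active:
            digest, size, path = line.split()
            entries[path] = (digest, int(size))
        else:
            active = line.strip() == header
    return entries

def package_stanzas(packages_text):
    """Yield each Packages stanza as a dict of its single-line fields."""
    for block in packages_text.strip().split("\n\n"):
        fields = {}
        for line in block.splitlines():
            if line[:1] not in (" ", "\t") and ":" in line:
                key, _, value = line.partition(":")
                fields[key] = value.strip()
        yield fields

def matches(data, digest, size):
    return len(data) == size and hashlib.sha256(data).hexdigest() == digest

def verify_deb(release_text, index_path, packages, deb_name, deb):
    """True only if Release vouches for Packages and Packages vouches for the .deb."""
    listed = sha256_index(release_text).get(index_path)
    if listed is None or not matches(packages, *listed):
        return False  # this index is not the one the signed Release describes
    for stanza in package_stanzas(packages.decode()):
        if stanza.get("Filename") == deb_name:
            return matches(deb, stanza.get("SHA256", ""), int(stanza.get("Size", -1)))
    return False  # package is not listed in the authenticated index

# Constructed sample data standing in for files on an archive mirror or DVD.
DEB = b"constructed stand-in for the bytes of a .deb file\n"
DEB_NAME = "pool/main/h/hello/hello_1.0-1_i386.deb"
PACKAGES = (
    "Package: hello\nVersion: 1.0-1\n"
    f"Filename: {DEB_NAME}\nSize: {len(DEB)}\n"
    f"SHA256: {hashlib.sha256(DEB).hexdigest()}\n"
).encode()
INDEX = "main/binary-i386/Packages"
RELEASE = (
    "Suite: stable\nCodename: etch\nSHA256:\n"
    f" {hashlib.sha256(PACKAGES).hexdigest()} {len(PACKAGES)} {INDEX}\n"
)
```

A .deb that passes `verify_deb` is only as trustworthy as the Release file it was checked against, so the gpgv step on Release is what ties the chain to a key in the trusted keyring.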