[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Verifying integrity of .deb file

Claudius Hubig <debian_1205 <at> chubig.net> writes:


> Do you want to verify the downloaded .deb or do you want to verify
> the content on your machine? The latter can be done with debsums, as
> you mentioned. If setting up a repository is not a good idea for you
> (for whatever reasons), you might want to try dpkg-sig which lets you
> sign and verify package signatures outside of repositories.


I am using debsums right now to check the integrity of the installed
files. However, it would be nice to verify the deb itself. I looked at
*dpkg-sig* and I think it might do the job. However, I only would like
to verify the hash and not the gpg signature of the deb file. Do you
know if this is possible with dpkg-sig? I will play around with it


Reply to: