Re: self signed repository

To: "stalker@locum.ru" <stalker@locum.ru>
Cc: debian-user@lists.debian.org
Subject: Re: self signed repository
From: Roger Leigh <rleigh@codelibre.net>
Date: Thu, 5 Jul 2012 09:46:19 +0100
Message-id: <[🔎] 20120705084619.GR4080@codelibre.net>
In-reply-to: <[🔎] 4FF54BC8.9000207@locum.ru>
References: <[🔎] 4FF54BC8.9000207@locum.ru>

On Thu, Jul 05, 2012 at 12:09:44PM +0400, stalker@locum.ru wrote:
> 
> I sign packet with debsign
> dpkg-sig --sign builder  mytestpackage_1.2.3_amd64.deb
> and add my key to apt-key
> 
>  gpg --armor --export >/tmp/mykey
> and sudo apt-key add  /tmp/mykey
> 
> apt-key list show my key, but apt-get install mytestpackage show
> WARNING: The following packages cannot be authenticated!
> 
> what i doing wrong?

You also need the Release file in the apt repository signing.
apt-get doesn't get check per-package signatures?  Individual
packages aren't signed by default; just the archive as a whole
via the Release/InRelease files.


Regards,
Roger
-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux    http://people.debian.org/~rleigh/
 `. `'   schroot and sbuild  http://alioth.debian.org/projects/buildd-tools
   `-    GPG Public Key      F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800

Reply to:

Follow-Ups:
- Re: self signed repository
  - From: Ivan Shmakov <oneingray@gmail.com>
- Re: self signed repository
  - From: Anton Gorlov <stalker@locum.ru>

References:
- self signed repository
  - From: "stalker@locum.ru" <stalker@locum.ru>

Prev by Date: Re: Current SSD setup recommendations for laptop with Debian
Next by Date: Re: procmail filtering
Previous by thread: self signed repository
Next by thread: Re: self signed repository
Index(es):
- Date
- Thread