[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Repeatable apt-get WARNING: The following packages cannot be authenticated!

Andrei POPESCU wrote:
On Vi, 18 apr 14, 11:08:42, Richard Owlett wrote:
Andrei POPESCU wrote:
On Jo, 17 apr 14, 11:15:00, Richard Owlett wrote:

Yeah BUT ;(
I get NO errors or warnings when apt-get uses the physical DVDs from which
the loop mounted iso's were created.


APT::Authentication::TrustCDROM "true";

Changing that "true" to "false" makes loading from the physical DVDs act the
same as loading from the loop mounted ISO images. Not elegant nor
'satisfactory', but at least consistent.

Is there some documentation on signing aimed at the end-user rather than
package creators. I know I'm missing something - just don't know what ;/

Here's what I use:


# This part generates the minimum necessary files
# for an apt repository.
# Assumptions:
# - this script is run in the directory with packages
# - apt-ftparchive is installed (package apt-utils)
# - you have a GPG key (the default key is used)

# apt seems to require both, even if only one is used
apt-ftparchive packages ./ > Packages
apt-ftparchive packages ./ | gzip > Packages.gz

apt-ftparchive release ./ > Release

sudo -u amp gpg --armor --detach-sign --sign --output Release.gpg Release

# a sources.list line should look like this
# deb file:/directory/with/debs ./

Hope this helps,

Yes - but probably not in the way you expected ;)
I started deciphering what your script with aid of man pages.
Thus found reference to "GNU Privacy Guard". In my reading I had seen lots of abbreviations and acronyms - but never that title *ROFL*

What I'm looking for will be one of the many HOWTO's on that subject.
Looks like I have at least a week's worth of reading to do.
Thank you.

Reply to: