[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Problems with apt in a clean stretch install.

On Tue, 04 Jul 2017 12:19:24 +0100
Phil Wyett <philwyett@kathenas.org> wrote:

> Additional info. Why via synaptic the 'trusted.gpg' file is being
> created needs investigation.
> The file is a 32 byte file (way to small to be a valid key) is not
> even viewable by normal key view methods i.e.

Here it is 7.1 kB.

> /me has the feeling the file is just garbage.

I don't think so, quoting https://wiki.debian.org/SecureApt :

"apt-key is a program that is used to manage a keyring of gpg keys for
secure apt. The keyring is kept in the file /etc/apt/trusted.gpg (not to
be confused with the related but not very
interesting /etc/apt/trustdb.gpg). apt-key can be used to show the keys
in the keyring, and to add or remove a key. In more recent Debian
GNU/Linux versions (Wheezy, for example), the keyrings are stored in
specific files all located in the /etc/apt/trusted.gpg.d directory. For
example, that directory could contain the following files:
debian-archive-squeeze-automatic.gpg or
debian-archive-wheezy-automatic.gpg. Incidentally, both files are
provided by the debian-archive-keyring package. "

So apparently, if you have any keys added to the apt keyring that don't
appear in /etc/apt/trusted.gpg.d/ they went into trusted.gpg . The keys
included in any of these files can be queried with
# apt-key list 
Here the file includes five keys.



.-.. .. ...- .   .-.. --- -. --.   .- -. -..   .--. .-. --- ... .--. . .-.

There's a way out of any cage.
		-- Captain Christopher Pike, "The Menagerie" ("The Cage"),
		   stardate unknown.

Reply to: