Re: Expired GPG keys of older release
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, Jun 20, 2018 at 09:43:03AM +0200, john doe wrote:
[...]
> As other as pointed out if the expiration date is not extended on
> the key your out of luck! :)
>
> https://www.debian.org/News/2011/20110209
Yes, exactly. Keys *have* to expire at some point, and you can't
re-sign archived packages with a fresh key. Note that this will
happen to all "old" documents, not only Debian packages.
> One workaroungd could be:
> 1) Download all required packages
> 2) Verify the downloaded packages using 'gpg --verify'
> 3) Install the verified pkgs
>
> The best workaround would be to upgrade to Debian Stretch (6 to 7, 7
> to 8, 8 to 9)! :)
Yes, but there may be perfectly valid reasons to stick to an old
Debian: that's why they are available in the archives. One example
would be "old hardware".
> For sake of completeness:
> apt-key update - update keys using the keyring package
> apt-key net-update - update keys using the network
Yes, but that won't help in the above case. It's more of a "structural"
problem.
Cheers
- -- t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlsqB+cACgkQBcgs9XrR2ka90ACff8t+OZV4/2kc/4b4WyAT1eDV
rzIAn34J0aj3Ye5IGS5EgCjmmy5pCm9U
=4R0W
-----END PGP SIGNATURE-----
Reply to: