On 06/20/2018 08:39 AM, john doe wrote:
On 6/19/2018 10:55 PM, Adam Cecile wrote:On 06/19/2018 10:48 PM, Don Armstrong wrote:With apt ? I had to set allowunauthenticated = 1 in apt.conf, otherwise apt wouldn't install anything.On Tue, 19 Jun 2018, Adam Cecile wrote:That's a pity, don't you think so ? I think Debian should renew the archive key, so we can still verify packages signatures.You can still verify them. Key expiration doesn't make existing signatures invalid. [Indeed, gpgv doesn't even check for expired keys.]Can you give us the warning/error you're getting?
---> Running in 2300490ebb96 Get:1 http://archive.debian.org squeeze Release.gpg [1655 B] Get:2 http://archive.debian.org squeeze-lts Release.gpg [819 B] Get:3 http://archive.debian.org squeeze Release [96.0 kB] Ign http://archive.debian.org squeeze Release Get:4 http://archive.debian.org squeeze-lts Release [34.3 kB] Get:5 http://archive.debian.org squeeze/main amd64 Packages [8370 kB] Get:6 http://archive.debian.org squeeze-lts/main amd64 Packages [390 kB] Fetched 8893 kB in 0s (10.0 MB/s) Reading package lists...W: GPG error: http://archive.debian.org squeeze Release: The following signatures were invalid: KEYEXPIRED 1520281423 KEYEXPIRED 1501892461
Reading package lists... Building dependency tree... Reading state information... The following extra packages will be installed: libssl0.9.8 openssl The following NEW packages will be installed: ca-certificates libssl0.9.8 openssl wget 0 upgraded, 4 newly installed, 0 to remove and 0 not upgraded. Need to get 2980 kB of archives. After this operation, 7578 kB of additional disk space will be used. WARNING: The following packages cannot be authenticated! ca-certificates E: There are problems and -y was used without --force-yes