Re: Verifying authenticity of Debian CDs

To: debian-user@lists.debian.org
Subject: Re: Verifying authenticity of Debian CDs
From: davidson <davidson@freevolt.org>
Date: Tue, 28 Jul 2020 09:52:50 +0000 (UTC)
Message-id: <[🔎] alpine.DEB.2.21.2007280947140.20698@azone.org>
In-reply-to: <[🔎] CALtr+3m2j9NW2=XwC2RmPXLg+zBMD6=ErewYgE7a+-rjxe=SUw@mail.gmail.com>
References: <[🔎] CAFi06wcen4BspjTo9nU4vUere9w09z-4OtOgttJL3wGD80Toqg@mail.gmail.com> <[🔎] jwveep0sx62.fsf-monnier+gmane.linux.debian.user@gnu.org> <[🔎] CALtr+3nLU1WS5zBpnkotyFcoKX67=G9yud1hMeexKEj_W8tDQw@mail.gmail.com> <[🔎] CALtr+3m2j9NW2=XwC2RmPXLg+zBMD6=ErewYgE7a+-rjxe=SUw@mail.gmail.com>

On Fri, 24 Jul 2020 Andrew Cater wrote:

And it turns out that /etc/apt/trusted.gpg has the buster-stable, the
buster-automatic and the buster-security keys by default but _NOT_ the
debian-cd signing key so the stage of importing the key to match the
specific Debian CD signing key is still valid.


If you are doing all this on a debian system you trust, the keys you
want are installed by the package

 debian-keyring

in

 /usr/share/keyrings/debian-role-keys.gpg

About one month ago I detailed here how they can be used:

 lists.debian.org/msgid-search/alpine.DEB.2.21.2006240945240.28857@azone.org

--
Ce qui est important est rarement urgent
et ce qui est urgent est rarement important
-- Dwight David Eisenhower

Reply to:

References:
- Verifying authenticity of Debian CDs
  - From: Semih Ozlem <semihozlemlinuxuser@gmail.com>
- Re: Verifying authenticity of Debian CDs
  - From: Stefan Monnier <monnier@iro.umontreal.ca>
- Re: Verifying authenticity of Debian CDs
  - From: Andrew Cater <amacater@gmail.com>
- Re: Verifying authenticity of Debian CDs
  - From: Andrew Cater <amacater@gmail.com>

Prev by Date: Re: Verifying authenticity of Debian CDs
Next by Date: midnight commander editor
Previous by thread: Re: Verifying authenticity of Debian CDs
Next by thread: Re: Verifying authenticity of Debian CDs
Index(es):
- Date
- Thread