Re: [PATCH] apt-key: receive key from keyserver

To: Lubomir Host <rajo@platon.sk>
Cc: APT Development Team <deity@lists.debian.org>
Subject: Re: [PATCH] apt-key: receive key from keyserver
From: Florian Weimer <fw@deneb.enyo.de>
Date: Thu, 22 Nov 2007 00:26:14 +0100
Message-id: <[🔎] 8763zvnpt5.fsf@mid.deneb.enyo.de>
In-reply-to: <[🔎] 20071121230259.GL5656@platon.sk> (Lubomir Host's message of "Thu, 22 Nov 2007 00:02:59 +0100")
References: <[🔎] 20071120205400.GD5656@platon.sk> <[🔎] 873auzp5x9.fsf@mid.deneb.enyo.de> <[🔎] 20071121230259.GL5656@platon.sk>

* Lubomir Host:

> $ gpg --list-keys --keyid-format long | tail -n 3
> pub   1024D/B5D0C804ADB11277 2006-09-17
> uid                          Etch Stable Release Key <debian-release@lists.debian.org>
>
>
> Of course, you can pass keyid in long format to apt-key.

The long key ID is easy to spoof, too.  Just use a v3 key with a modulus
of n = pq, where p == 1 (mod 2**64) and q == B5D0C804ADB11277 (mod 2**64).
This can be achieved with the regular key generation process, by simply
starting from non-random p and q.

You do need the fingerprint.  If you can enter that, you can also paste
the full key to "apt-key add -".  If you don't need the security, you
can use "apt-get install debian-archive-keyring".

Reply to:

References:
- [PATCH] apt-key: receive key from keyserver
  - From: Lubomir Host <rajo@platon.sk>
- Re: [PATCH] apt-key: receive key from keyserver
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: [PATCH] apt-key: receive key from keyserver
  - From: Lubomir Host <rajo@platon.sk>

Prev by Date: Re: [PATCH] apt-key: receive key from keyserver
Next by Date: Bug#452377: A package marked for reinstall, if conflicting, is removed *without warning*
Previous by thread: Re: [PATCH] apt-key: receive key from keyserver
Next by thread: Bug#107151: Create a successful career within our company
Index(es):
- Date
- Thread