[SOLVED] Re: Question about repository signing
For some reason, gpg on this new system was defaulting to SHA1 to sign
documents. I added this to ~/.gnupg/gpg.conf and reprerpo is now producing
valid repos. Probably should be an option reprepro passes to gpg. :)
personal-digest-preferences SHA256
Thanks for all the pointers and help!
j
On Monday, November 11, 2019 2:42:25 PM AKST Joshua J. Kugler wrote:
> Sending again because my mailer somehow sent a blank message.
>
> Found a possible issue
> Old repo:
> Second line of dists/cmpny/InRelease
> Hash: SHA256
>
> on our new packages:
> second line of 18/dists/cmpny/InRelease
> Hash: SHA1
>
> Now to figure out how to get gpg/reprepro to use updated hashes.
>
> I've already updated the gpg.conf, but that didn't seem to have any effect.
>
> j
--
Joshua J. Kugler -- Fairbanks, AK
Blogs: http://jjncj.com/blog/ (Family) -- http://joshuakugler.com (Geek)
Philippians 2:9-11
Reply to: