From rpm-list-admin@freshrpms.net Wed Oct 9 10:53:22 2002 Return-Path: Delivered-To: zzzz@localhost.spamassassin.taint.org Received: from localhost (jalapeno [127.0.0.1]) by spamassassin.taint.org (Postfix) with ESMTP id C262316F82 for ; Wed, 9 Oct 2002 10:52:20 +0100 (IST) Received: from jalapeno [127.0.0.1] by localhost with IMAP (fetchmail-5.9.0) for zzzz@localhost (single-drop); Wed, 09 Oct 2002 10:52:20 +0100 (IST) Received: from egwn.net (ns2.egwn.net [193.172.5.4]) by dogma.slashnull.org (8.11.6/8.11.6) with ESMTP id g999a0K28408 for ; Wed, 9 Oct 2002 10:36:01 +0100 Received: from auth02.nl.egwn.net (localhost [127.0.0.1]) by egwn.net (8.11.6/8.11.6/EGWN) with ESMTP id g999T2f09799; Wed, 9 Oct 2002 11:29:02 +0200 Received: from evv.kamakiriad.local (cable-b-36.sigecom.net [63.69.210.36]) by egwn.net (8.11.6/8.11.6/EGWN) with ESMTP id g999Rif01254 for ; Wed, 9 Oct 2002 11:27:45 +0200 Received: from aquila.kamakiriad.local (aquila.kamakiriad.local [192.168.1.3]) by kamakiriad.com (8.11.6/8.11.6) with SMTP id g999RWP18078 for ; Wed, 9 Oct 2002 04:27:32 -0500 From: Brian Fahrlander To: rpm-zzzlist@freshrpms.net Subject: Re: Apt repository authentication: it's time Message-Id: <20021009042734.049ea20e.kilroy@kamakiriad.com> In-Reply-To: <20021009110311.32c22ea5.matthias@rpmforge.net> References: <20021008175452.581c0e50.kilroy@kamakiriad.com> <20021009110311.32c22ea5.matthias@rpmforge.net> X-Mailer: Sylpheed version 0.8.5 (GTK+ 1.2.10; i386-redhat-linux) X-Message-Flag: : Shame on you! You know Outlook is how viruses are spread! MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Mailscanner: Found to be clean, Found to be clean Sender: rpm-zzzlist-admin@freshrpms.net Errors-To: rpm-zzzlist-admin@freshrpms.net X-Beenthere: rpm-zzzlist@freshrpms.net X-Mailman-Version: 2.0.11 Precedence: bulk Reply-To: rpm-zzzlist@freshrpms.net List-Help: List-Post: List-Subscribe: , List-Id: Freshrpms RPM discussion list List-Unsubscribe: , List-Archive: X-Original-Date: Wed, 9 Oct 2002 04:27:34 -0500 Date: Wed, 9 Oct 2002 04:27:34 -0500 On Wed, 9 Oct 2002 11:03:11 +0200, Matthias Saou wrote: > I don't think gpg signing my repositories will help anything, as it will > just ensure that my passphrase was typed to confirm the md5 signatures of > all pgklists and srclists. Basically, you'll then just be sure that it's me > who generated the files, and this will of course prevent automating the > process of updating the apt repository when Red Hat updates show up. Isn't there a packager-key that's concealed inside the rpm? Things have changed a bit since I used to work with'em, but I thought there was some internal number that must be compared to be correct (or, presumably, return an error.) > In Red Hat Linux 8.0 though, the warnings about "No Key" appear until you > import the right gpg public keys directly with rpm, for example : > rpm --import /usr/share/doc/apt-0.5.4cnc7/RPM-GPG-KEY > (this will import my key, which is used to sign all freshrpms.net packages) Hey, cool; wether it protects me or not, I feel better about it. > Hopefully it is possible to the tell rpm to install *only* packages who > verify against an imported gpg key? This for me would be the optimal way to > ensure integrity with the way things curently work. Yeah, surely there's a flag for that; there is, for everything else, aye? :) ------------------------------------------------------------------------ Brian Fahrländer Linux Zealot, Conservative, and Technomad Evansville, IN My Voyage: http://www.CounterMoon.com ICQ 5119262 ------------------------------------------------------------------------ angegangen, Schlange-Hüften, sein es ganz rüber jetzt. Bügel innen fest, weil es eine lange, süsse Fahrt ist. _______________________________________________ RPM-List mailing list http://lists.freshrpms.net/mailman/listinfo/rpm-list