FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 09-10-2010, 12:14 PM
Onur Aslan
 
Default How can I disable signature check for a Debian CD?

On Fri, Sep 10, 2010 at 06:58:01AM -0500, Kumar Appaiah wrote:
> Is there a particular reason why you don't want to use apt-cdrom to
> use the CD repositories? It is much easier than mounting the CD to use
> it.

I also tried apt-cdrom but I have same problem with apt-cdrom.

I added my image with:
apt-cdrom -m -d /mnt add

It's successfuly added but aptitude is showing packages as from
untrusted source.

> In any case, to fix the error you get, you have to identify the GPG
> key corresponding to the CD, and obtain it (preferably in a trusted
> manner), and do
>
> sudo apt-ket add - < key

Where can I get this keys? CD images doesn't have signatures.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100910121411.GA8577@localhost">http://lists.debian.org/20100910121411.GA8577@localhost
 
Old 09-10-2010, 12:25 PM
Kumar Appaiah
 
Default How can I disable signature check for a Debian CD?

On Fri, Sep 10, 2010 at 03:14:11PM +0300, Onur Aslan wrote:
> > In any case, to fix the error you get, you have to identify the GPG
> > key corresponding to the CD, and obtain it (preferably in a trusted
> > manner), and do
> >
> > sudo apt-ket add - < key
>
> Where can I get this keys? CD images doesn't have signatures.

Please paste the error message here. It would contain the key ID.

Kumar
--
The most important design issue... is the fact that Linux is supposed to
be fun...
-- Linus Torvalds at the First Dutch International Symposium on Linux


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100910122554.GA6437@bluemoon.alumni.iitm.ac.in"> http://lists.debian.org/20100910122554.GA6437@bluemoon.alumni.iitm.ac.in
 
Old 09-10-2010, 12:36 PM
Onur Aslan
 
Default How can I disable signature check for a Debian CD?

On Fri, Sep 10, 2010 at 07:25:54AM -0500, Kumar Appaiah wrote:
> Please paste the error message here. It would contain the key ID.

There is no error. Debian CD images doesn't have any signature or key.

Or maybe I am doing something wrong.

Also I want to add, I don't have any CD-ROM drive. I am using CD images,
after mount them to somewhere.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100910123603.GA8741@localhost">http://lists.debian.org/20100910123603.GA8741@localhost
 
Old 09-10-2010, 01:49 PM
Kumar Appaiah
 
Default How can I disable signature check for a Debian CD?

On Fri, Sep 10, 2010 at 03:36:03PM +0300, Onur Aslan wrote:
> On Fri, Sep 10, 2010 at 07:25:54AM -0500, Kumar Appaiah wrote:
> > Please paste the error message here. It would contain the key ID.
>
> There is no error. Debian CD images doesn't have any signature or key.

I see. I thought apt-get update would actually warn about the missing
keys; maybe I was wrong.

You could try looking for the Release.gpg file in your CD and trying
out this:

gpg --verify Release.gpg Release

That would tell you the keys which were used to sign the files. For
instance:

gpg: Signature made Sat 04 Sep 2010 12:30:28 PM CDT using RSA key ID 55BE302B
gpg: Can't check signature: public key not found
gpg: Signature made Sat 04 Sep 2010 12:37:54 PM CDT using DSA key ID F42584E6
gpg: Can't check signature: public key not found

Please let me know if this helps.

Kumar


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100910134932.GD27363@bowser.ece.utexas.edu">http ://lists.debian.org/20100910134932.GD27363@bowser.ece.utexas.edu
 
Old 09-10-2010, 03:26 PM
Onur Aslan
 
Default How can I disable signature check for a Debian CD?

Kumar thank you for your help.

But Debian is identify their CDs in a different way. I don't know how to
doing this. The repository in the images are not signed. When I use CD
images after burn them to a blank CD, Debian successfully identify cdroms.
But when I try to use them as images after mount them to somewhere,
Debian doesn't identify local repository as trusted.

Maybe it is not possible at all. I want to do this because I have only
first DVD image of Debian. When I need another package which I dont have
one, I am adding a ftp url to my sources.list. When I do this Debian
is using only this url because my local repository is untrusted.

In the early times, I was manually sign my local Release. Maybe I should
continue to do this.

On Fri, Sep 10, 2010 at 08:49:32AM -0500, Kumar Appaiah wrote:
> On Fri, Sep 10, 2010 at 03:36:03PM +0300, Onur Aslan wrote:
> > On Fri, Sep 10, 2010 at 07:25:54AM -0500, Kumar Appaiah wrote:
> > > Please paste the error message here. It would contain the key ID.
> >
> > There is no error. Debian CD images doesn't have any signature or key.
>
> I see. I thought apt-get update would actually warn about the missing
> keys; maybe I was wrong.
>
> You could try looking for the Release.gpg file in your CD and trying
> out this:
>
> gpg --verify Release.gpg Release
>
> That would tell you the keys which were used to sign the files. For
> instance:
>
> gpg: Signature made Sat 04 Sep 2010 12:30:28 PM CDT using RSA key ID 55BE302B
> gpg: Can't check signature: public key not found
> gpg: Signature made Sat 04 Sep 2010 12:37:54 PM CDT using DSA key ID F42584E6
> gpg: Can't check signature: public key not found
>
> Please let me know if this helps.
>
> Kumar
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/20100910134932.GD27363@bowser.ece.utexas.edu
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100910152649.GA9099@localhost">http://lists.debian.org/20100910152649.GA9099@localhost
 
Old 09-10-2010, 06:18 PM
Kumar Appaiah
 
Default How can I disable signature check for a Debian CD?

On Fri, Sep 10, 2010 at 06:26:49PM +0300, Onur Aslan wrote:
> In the early times, I was manually sign my local Release. Maybe I should
> continue to do this.

Since I don't have any other ideas, I'd actually not be averse to
that. You could sign your repository yourself, with a key which APT is
aware of.

If someone else can point our the "right" way, please do.

Thanks.

Kumar
--
Avoid the Gates of Hell. Use Linux
(Unknown source)


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100910181805.GI13105@146653177.ece.utexas.edu">h ttp://lists.debian.org/20100910181805.GI13105@146653177.ece.utexas.edu
 
Old 09-11-2010, 06:52 AM
Brian Ryans
 
Default How can I disable signature check for a Debian CD?

Quoting Kumar Appaiah on 2010-09-10 13:18:06, in Message-Id
<20100910181805.GI13105@146653177.ece.utexas.edu >

> If someone else can point our the "right" way, please do.

,----[ /etc/apt/apt.conf.d/00trustcdrom ]-
| APT::Authentication::TrustCDROM "true";
`----

--
_ Brian Ryans 8B2A 54C4 E275 8CFD 8A7D 5D0B 0AD0 B014 C112 13D0 .
( ) ICQ 43190205 | Mail/Jabber/Yahoo/MSN: BrianLRyans@gmail.com ..:
X ASCII Ribbon Campaign Against HTML mail and v-cards: asciiribbon.org
/ /* Witty quotes of 68 chars or less here. Email me for more info. */
 

Thread Tools




All times are GMT. The time now is 06:59 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org