Posted by & filed under Miscellaneous.

After many requests from several users and after many months of promise, the Dotdeb repositories are GPG-signed. Yes, you can now get rid of the annoying “WARNING: The following packages cannot be authenticated!” message!

Waiting for a dotdeb-keyring package, you just have to get the key and add it to your trusted keys’ keyring :

gpg --keyserver keys.gnupg.net --recv-key 89DF5277
gpg -a --export 89DF5277 | sudo apt-key add -

I hope you’ll enjoy it.

48 Responses to “Dotdeb packages are now signed!”

  1. H.T

    Bonjour,

    Merci pour la signature des paquets.
    Pour chipoter est il vraiment nécessaire d’inscrire “sudo” avant le apt-key add ?

    Pour ceux qui utilisent la puissance de root sans autre forme de procès ça peut être perturbant ;)

    Reply
  2. Joshaven Potter

    I got the following error:
    W: GPG error: http://php53.dotdeb.org stable Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY E9C74FEEA2098A6E
    W: You may want to run apt-get update to correct these problems

    After trying the above I got:
    gpg: keyserver timed out
    gpg: keyserver receive failed: keyserver error

    and fixed everything with:
    wget http://packages.dotdeb.org/dotdeb.gpg && apt-key add dotdeb.gpg && rm dotdeb.gpg

    Reply
  3. Njko

    Great news!

    honestly i tought lets go to see dotdeb if the packages are now signed.. and first message I see was this one.

    Thanks a lot man!

    Reply
  4. Speckles

    Note: if your system doesn’t have the gpg command, the package to get it is called gnupg. Since it took me several hours to figure this out, I figured I should post this here to save any fellow newbs some time.

    Reply
  5. Burn

    > gpg –keyserver keys.gnupg.net –recv-key 89DF5277
    gpg: requesting key 89DF5277 from hkp server keys.gnupg.net
    gpg: keyserver timed out
    gpg: keyserver receive failed: keyserver error
    > wget http://packages.dotdeb.org/dotdeb.gpg && apt-key add dotdeb.gpg && rm dotdeb.gpg
    –2010-09-03 04:43:17– http://packages.dotdeb.org/dotdeb.gpg
    Resolving packages.dotdeb.org… 79.125.3.21
    Connecting to packages.dotdeb.org|79.125.3.21|:80… connected.
    HTTP request sent, awaiting response… 404 Not Found
    2010-09-03 04:43:17 ERROR 404: Not Found.

    Reply
  6. Scott Grayban

    Gui are you going to make a signing package people can install instead ?

    I think that would be best if not having the key imported automatically when they update there apt.

    I think all you have to do is create Release.gpg with your pubkey in it.

    Reply
  7. Scott Grayban

    Setting up a secure apt repository

    From man apt-secure

    If you want to provide archive signatures in an archive under your maintenance you have to:

    * Create a toplevel Release file. if it does not exist already. You can do this by running apt-ftparchive release (provided inftp apt-utils).
    * Sign it. You can do this by running gpg -abs -o Release.gpg Release.
    * Publish the key fingerprint, that way your users will know what key they need to import in order to authenticate the files in the archive.

    Whenever the contents of the archive changes (new packages are added or removed) the archive maintainer has to follow the first two steps previously outlined.

    Reply
  8. Toxic292

    Ports used with command “gpg –keyserver [...]” are the followings :

    hkp 11371/tcp # OpenPGP HTTP Keyserver
    hkp 11371/udp # OpenPGP HTTP Keyserver

    For the lucky ones that can configure there firewall…

    Reply

Trackbacks/Pingbacks

  1.  DotDeb: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY E9C74FEEA2098A6E | Admin Serveur
  2.  MySQL-Installation unter Debian - Delphi-PRAXiS
  3.  Dotdeb GPG zu Keyring hinzufügen
  4.  mysql 5.1.51 sobre debian lenny (a lo fácil) — Mis Historias
  5.  Where can I find the gpg key for dotdeb.org
  6.  Installing PHP 5.3.x in Ubuntu through apt-get or aptitude - Night Dreaming (by Sudar)
  7.  DEBIAN – MISE À JOUR DU SYSTÈME ET DOTDEB
  8.  Ellis Software » Archives du blog » Debian – Mise à jour du système et Dotdeb
  9.  Using Munin to monitor a Debian Squeeze server | Kevin Deldycke
  10.  Where can I find the gpg key for dotdeb.org - Admins Goodies
  11.  Installing PHP 5.3.x in Ubuntu through apt-get or aptitude | Web Development Blog
  12.  さくらのVPSでDebian 6をセットアップ #3(Dotdeb) | input*output
  13.  Where can I find the gpg key for dotdeb.org - Just just easy answers

Leave a Reply

  • (will not be published)


3 × six =