Dotdeb packages are now signed!
July 11th, 2010 | by Guillaume Plessis |After many requests from several users and after many months of promise, the Dotdeb repositories are GPG-signed. Yes, you can now get rid of the annoying “WARNING: The following packages cannot be authenticated!” message!
Waiting for a dotdeb-keyring package, you just have to get the appropriate file by hand and add it to your trusted keys’ keyring :
gpg --keyserver keys.gnupg.net --recv-key 89DF5277 gpg -a --export 89DF5277 | sudo apt-key add -
I hope you’ll enjoy it.
36 Responses to “Dotdeb packages are now signed!”
By acid on Jul 11, 2010 | Reply
I love you! Seriously, thanx for your work!!
By daniel on Jul 11, 2010 | Reply
gorgeous
By danei on Jul 12, 2010 | Reply
Yes I enjoy that
By amine on Jul 12, 2010 | Reply
nice
By amine on Jul 12, 2010 | Reply
Hi have a problem,
i added in the /etc/apt/sources.list
deb http://packages.dotdeb.org stable all
deb-src http://packages.dotdeb.org stable all
when i do apt-get update i have this error :
W: GPG error: http://packages.dotdeb.org stable Release: Les signatures suivantes n’ont pas pu être vérifiées car la clé publique n’est pas disponible : NO_PUBKEY E9C74FEEA2098A6E
any idea please ?
By Guillaume Plessis on Jul 12, 2010 | Reply
@amine : just fetch the GnuPG key and add it to your APT keyring, as explained in the above post.
By gosi on Jul 12, 2010 | Reply
Thanks for all your effort!
By Jockl on Jul 12, 2010 | Reply
Thank you! Everything worked fine…as always!
By waiter on Jul 13, 2010 | Reply
Cool! Thanks a lot!
By Tyrael on Jul 13, 2010 | Reply
thank you!
Tyrael
By The BLION Corp. on Jul 14, 2010 | Reply
Hello,
Great. With these signatures, I (or even my customers) can now upgrade directly from Virtualmin panel.
By Pandark on Jul 14, 2010 | Reply
Thank you very much.
If it doesn’t work first, you may have to open the 11371 port as I did.
By H.T on Jul 16, 2010 | Reply
Bonjour,
Merci pour la signature des paquets.
Pour chipoter est il vraiment nécessaire d’inscrire “sudo” avant le apt-key add ?
Pour ceux qui utilisent la puissance de root sans autre forme de procès ça peut être perturbant
By Joshaven Potter on Jul 16, 2010 | Reply
I got the following error:
W: GPG error: http://php53.dotdeb.org stable Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY E9C74FEEA2098A6E
W: You may want to run apt-get update to correct these problems
After trying the above I got:
gpg: keyserver timed out
gpg: keyserver receive failed: keyserver error
and fixed everything with:
wget http://packages.dotdeb.org/dotdeb.gpg && apt-key add dotdeb.gpg && rm dotdeb.gpg
By Guillaume Plessis on Jul 17, 2010 | Reply
@H.T. : à chacun d’adopter la politique de sécurité qui lui sied
By Scott Grayban on Jul 19, 2010 | Reply
oh hell ya !!!
By Njko on Jul 19, 2010 | Reply
Great news!
honestly i tought lets go to see dotdeb if the packages are now signed.. and first message I see was this one.
Thanks a lot man!
By Vide on Jul 22, 2010 | Reply
Thanks!
By Adub on Jul 23, 2010 | Reply
@Joshaven Potter
Thank you so much! Your solution worked wonders for me.
By JarekMk on Jul 24, 2010 | Reply
Guillaume, did you checked mailbox?
By Guillaume Plessis on Jul 24, 2010 | Reply
@JarekMk : I’ll answer soon
By JarekMk on Jul 25, 2010 | Reply
OK I wait. Thank you.
By petr on Jul 27, 2010 | Reply
hello, file on http://packages.dotdeb.org/dotdeb.gpg is not found?
. this file is for download on another location? help.pls.
By Guillaume Plessis on Jul 27, 2010 | Reply
@petr : it’s back. Sorry. You could use keys.gnupg.net to receive the key instead.
By petr on Jul 27, 2010 | Reply
@Guillaume Plessis
thx , all ok new
By kepi on Aug 13, 2010 | Reply
Finally, thanks!
By vixns on Aug 20, 2010 | Reply
http://packages.dotdeb.org/dotdeb.gpg => 404
By Guillaume Plessis on Aug 20, 2010 | Reply
@vixns : Please use keys.gnupg.net tu get the key.
By Speckles on Aug 30, 2010 | Reply
Note: if your system doesn’t have the gpg command, the package to get it is called gnupg. Since it took me several hours to figure this out, I figured I should post this here to save any fellow newbs some time.
By karfes on Sep 1, 2010 | Reply
am new with this keyring issue, how do you fetch for the GnuPG key? i need some guide
By Burn on Sep 3, 2010 | Reply
> gpg –keyserver keys.gnupg.net –recv-key 89DF5277
gpg: requesting key 89DF5277 from hkp server keys.gnupg.net
gpg: keyserver timed out
gpg: keyserver receive failed: keyserver error
> wget http://packages.dotdeb.org/dotdeb.gpg && apt-key add dotdeb.gpg && rm dotdeb.gpg
–2010-09-03 04:43:17– http://packages.dotdeb.org/dotdeb.gpg
Resolving packages.dotdeb.org… 79.125.3.21
Connecting to packages.dotdeb.org|79.125.3.21|:80… connected.
HTTP request sent, awaiting response… 404 Not Found
2010-09-03 04:43:17 ERROR 404: Not Found.
By Mentalow on Sep 5, 2010 | Reply
Hey
The key isnt found with your guide! The key doesnt exist in the database
By Scott Grayban on Sep 6, 2010 | Reply
Wow people really do not read anything these days.
The error was “keyserver timed out” doh !! So for the newbies with no education that means the keyserver is having a issue not “key not found”.
Second read http://www.dotdeb.org/2010/07/11/dotdeb-packages-are-now-signed/#comment-2556
Start reading instead of being spoon fed here.