On 23/05/2023 5:23 am, Joshua Branson wrote:
Sergey Bugaev writes:
Hi,
On Mon, May 22, 2023 at 6:49 PM jbra...@dismail.de wrote:
+upgrade to the bleeding edge Debian GNU/Hurd:
+
+ $ wget
http://ftp.de.debian.org/debian/pool/main/d/debian-ports-archive-keyring/debian-ports-archive-keyring_2023.02.01_all.deb
+ # dpkg -i debian-ports-archive-keyring_2023.02.01_all.deb
Is this secure though? You're fetching a package through unprotected
HTTP, then installing it as a trusted keyring.
Probably not. I actually just copied janneke's recent email. I have
not executed the above commands. Is there a more secure way to install
that keyring?
The best way is:
apt install -t sid debian-ports-archive-keyring
That way leaves security to the apt system.
Details of what to place in /etc/apt/sources/list.d/debian-ports.list to
get access to the archive may also be useful here.
HTH
Amos
