On Tue, 21 Nov 2006, Kurt Roeckx wrote:
On Tue, Nov 21, 2006 at 04:50:29PM -0600, Peter Samuelson wrote:
[Martin Zobel-Helas]
gpg --recv-keys A70DAF536070D3A1 && (gpg --export -a A70DAF536070D3A1 | apt-key
add -)
Uh, don't forget the part about verifying that the key is actually
signed by the ftpmasters. Skipping that step pretty much defeats the
entire point.
gpg --list-sigs A70DAF536070D3A1
Try gpg --check-sigs A70DAF536070D3A1 instead.
But Hendrik Sattler is perfectly right and this knowledge has to be stored
at prominant places like:
a) installation manual
b) apt-key.8
c) perhaps somewhere else
Could maintainers of a) and b) (and perhaps c) ;-)) acknowledge, that this
will be done or should we rather file bug reports (IMHO with severity
"important") to these packages?
Kind regards
Andreas.
PS: debian-boot@lists.debian.org in CC because of the installation manual
issue. Forgive me if this should be off-topic there.
--
http://fam-tille.de
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
