Dies schrieb Julian Andres Klode ([email protected]): > > apt-key --interactive fetch <keyid> > > > > will download the specified key from a keyserver, presenting its data > > to the user and awaiting confirmation before adding the key. > > > > Without --interactive/-i, the fetch command will be denied due to security > > considerations. > I don't see a reason to do this. This is a command-line tool which only > works as root and limiting the root user is non-sense. He could just > point gpg to APT's keyring and add the key without apt-key, thus there > is no security benefit in requiring interactiveness.
I added this requirement to keep people from blindly retrieving keys from a keyserver without verifying them or thinking about the trust they put into the people behind the keys. (see also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=341976#17) However, I think either removing the --interactive requirement or adding a --force/--noverify option to override it could be worthy of discussion. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
