On Fri, Oct 10, 2014 at 11:55 AM, Mark Felder <f...@freebsd.org> wrote:
>
>
> On Fri, Oct 10, 2014, at 14:47, Bryan Drewery wrote:
>> On 10/10/2014 1:12 PM, scratch65...@att.net wrote:
>> > On Fri, 10 Oct 2014 12:57:42 -0500, Brian Drewery wrote:
>> >
>> >> find /usr/share/keys/pkg -exec sha256 {} +
>> >
>> > No such file
>>
>> That's your problem. You are missing the signature fingerprints to
>> compare against. As such Pkg is refusing to do anything to prevent MITM
>> attacks.
>>
>> You are missing this:
>> https://www.freebsd.org/security/advisories/FreeBSD-EN-14:03.pkg.asc
>>
>> freebsd-update can provide it.
>
> Ahh, good point. This is better advice. Even if your system was
> supposedly fully up to date freebsd-update would detect this is missing
> and repair it as it was part of an SA. This is better advice than my
> manual creation method :-)I'm glad that Mark managed to get an answer to this question. But could pkg be adapted to help uninitiated users to discover this for themselves on the spot? Royce _______________________________________________ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
