On Tue, Jun 20, 2017 at 01:56:57PM -0400, Daniel Kahn Gillmor wrote:
Hi Rex--On Tue 2017-06-20 08:43:16 -0700, Rex Kneisley wrote:root@debian-rig:/home/rexk# wget -qO - https://download.sublimetext.com/sublimehq-pub.gpg | sudo apt-key add - gpg: WARNING: nothing exported gpg: no valid OpenPGP data found. gpg: Total number processed: 0While it's a common recommendation, "apt-key add -" is generally a bad idea, because it mixes the fetched keys in with all the other keys. It's a better idea to fetch the keys for a given repository separately and mark them as acceptable only for this specific repo. Since you're using debian stable (stretch), you might want to read: https://wiki.debian.org/DebianRepository/UseThirdParty From its suggestions, if you want to add the sublime repo (which i have never vetted and am not personally recommending here), you might prefer to do the following on debian stretch: wget -O /usr/share/keyring/sublimehq-pub.gpg.asc https://download.sublimetext.com/sublimehq-pub.gpg gpg --dearmor < /usr/share/keyring/sublimehq-pub.gpg.asc > /usr/share/keyring/sublimehq-pub.gpg echo 'deb [signed-by=/usr/share/keyring/sublimehq-pub.gpg] https://download.sublimetext.com/ apt/stable/' > /etc/apt/sources.list.d/sublime.list
Thank you. I've been meaning to switch my apt sources over to this style for a while, but couldn't seem to get apt to see the separate keys. It looks like I was missing out the "[signed-by=...]" part.
This makes it so the sublime repository key is not accepted for
certifying the main debian repos (which it should not be doing).
I suspect that the problem you were having may have to do with the
ascii-armoring on the fetched file, which is why i've included the
--dearmor line in the middle of the three steps above.
hope this helps,
--dkg
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
-- For more information, please reread.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
