On Tue, 29 Jun 2010 21:40:37 +0200, Carsten Aulbert
wrote:
> My problem is relatively simple. We provide a (Debian) repository for our
> colleagues as well as ourselves and would like to sign it (for the experts:
> reprepro's export option). Of course one could either copy around the secret
>
Here is some kind of suggestion which might be helpful in your case.
If I need to do signing or encrypting on remote hosts I use ssh to execute the
signing command on a other remote machine in this case my local machine. It
doesn't work in any case but in some cases like git tag signing, email
On Wed, Jun 30, 2010 at 2:33 PM, Carsten Aulbert
wrote:
> Hi Daniel
>
> On Wednesday 30 June 2010 19:06:58 Daniel Kahn Gillmor wrote:
>>
>> Does this workflow work for you? if not, why not?
>
> I've thought about that, but these repos are a shared effort where the secret
> key is also shared by f
On 06/30/2010 01:33 PM, Carsten Aulbert wrote:
> Thus maybe I should consider doing a 2-way sync:
If you're worried about collisions/race conditions, you could reduce the
race window to an arbitrarily small timeframe by having your sync
scripts hold an advisory lockfile on the public-facing machin
Hi Daniel
On Wednesday 30 June 2010 19:06:58 Daniel Kahn Gillmor wrote:
>
> Does this workflow work for you? if not, why not?
I've thought about that, but these repos are a shared effort where the secret
key is also shared by four trusted people - thus there is a source for race
conditions -
On 06/29/2010 03:40 PM, Carsten Aulbert wrote:
> My problem is relatively simple. We provide a (Debian) repository for our
> colleagues as well as ourselves and would like to sign it
[ ... ]
> Anyone with an idea how to accomplish this?
I maintain several signed apt repositories. I never for
Carsten Aulbert writes:
> Now the notorious question: Does anyone know how to forward the agent's
> socket
> to the remote machine? I've briefly tried socat (remote unix socket to tcp
It does not help you. gpg currently uses the agent only for passphrase
caching and not for secret key proces
Hi all,
this question has come up here in the past but I've never found *any* reply so
far.
My problem is relatively simple. We provide a (Debian) repository for our
colleagues as well as ourselves and would like to sign it (for the experts:
reprepro's export option). Of course one could eithe
Hi all (please cc me on any reply),
this question has come up here in the past but I've never found *any* reply so
far.
My problem is relatively simple. We provide a (Debian) repository for our
colleagues as well as ourselves and would like to sign it (for the experts:
reprepro's export option
