how to authenticate my local repository
paulatgm at gmail.com
Tue Apr 29 20:56:19 BST 2008
I'm collected a few Gb of packages during my install and would like to
store them on another partition in case I have to reinstall.
I've created a "trivial" repository .. just a directory with all the
packages in it. Used apt-ftparchive to create a Packages.gz, added a
md5sum.txt file, and added it to my sources.list.
After aptitude updating, the local repository gets included in the
archive lists (in /var/lib/apt/lists).
But, when I go to install from it, aptitude wants to download from the
net rather than pull from the local repository.
I think the problem is that aptitude prefers authenticated repositories
to unauthenticated ones.
So, I've created a gpg key and used "sudo apt-key add <>" to add it and
"apt-key list" to confirm it's there.
Next, I used apt-ftparchive to create a Release file in the repository.
Next, I used "gpg -abs -o Release.gpg Release" to authenticate the
Next, I use aptitude update to update the repository lists. But, now,
for some reason this repository Packages.gz is being excluded from the
/var/lib/apt/lists/ . However the Release and Release.gpg do get into
I must be doing something wrong with the gpg authentication. I've been
unable to find any info googling so far. Everything refers to earlier
versions where aptitude was not picky about authentication. But, in
hardy, this is a change.
Anyone succeed with this?
More information about the kubuntu-users