Enabled repositories in default install
dennis at kaarsemaker.net
Mon Jun 27 16:35:07 CDT 2005
On di, 2005-06-28 at 07:26 +1000, John Skaller wrote:
> On Mon, 2005-06-27 at 22:45 +0200, Dennis Kaarsemaker wrote:
> > On di, 2005-06-28 at 06:27 +1000, John Skaller wrote:
> > > "WARNING: You are about to install software that CANT BE
> > > AUTHENTICATED.
> > > Doing this could allow a malicious individual to damage
> > > or take control of your system."
> > This warning will *not* be caused by Universe packages, only by packages
> > from 3rd party repositories.
> > All Ubuntu packages, including universe and multiverse are signed.
> Can you explain further please? What do you mean by
> '3rd party repositories'?
> I am using an Ubuntu mirror provided by my ISP.
> This is not the official mirror in my location.
> I get no warning on 'main' packages but I do get it
> on at least some universe packages, including 'dia'
> and 'ocaml-tools'.
I get no warnign for both (or other universe packages), so your mirror
must have messed things up or you are missing some keys from your APT
> I would guess 'third party repository' meant
> some arbitrary debian like structure put up on
> some machine by some arbitrary person.
> In any case, authentication should still be
> possible for such a repository if the appropriate
> keys are available .. so how are the keys used
> to authenticate package downloads obtained/configured?
The apt-key tool manages the APT trusted keyring. Run it without
arguments for a quick glance at the possibilities, read the manpage for
- Linux for human beings: http://www.ubuntulinux.org
- Linux voor normale mensen: http://www.ubuntulinux.nl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.ubuntu.com/archives/ubuntu-devel/attachments/20050627/c72dc183/attachment.pgp
More information about the ubuntu-devel