Aptly authentication

blue mint

unread,

Feb 8, 2023, 7:54:32 AM2/8/23

to aptly-discuss

Hi,

I'd like to create a local repository and make it accessible from the Internet but I'd like to secure it in a way that not everyone would be able to access it and install a package using 'apt install'. Is it possible to secure a local repository using a username or password? Is there any other way to do that?

Thanks a lot.

Jeremy C. Reed

unread,

Feb 8, 2023, 8:28:10 PM2/8/23

to blue mint, aptly-discuss

See sources.list(5) manpage about http scheme in regards to a password.
Or install apt-transport-https package and reed in apt.conf(5) about
https options. See if you can use a "pass" that way too in your
sources.list. And setup the required pass authentication in your web
server configuration.

Or you can force that a certificate is required by the web-server side
configuration; for example with nginx, see:

ssl_verify_client on;

Then on apt.conf side something like:

Acquire::https::YOUR.APT.WEB.SERVER.HERE {
Verify-Peer "true";
Verify-Host "true";
CaInfo "/path/to/your/chain-certificate";
SslCert "/path/to/your/client.crt";
SslKey "/path/to/your/client.key";
};

By the way, none of the above is about aptly, but apt and the webserver
configuration.

blue mint

unread,

Feb 9, 2023, 7:35:16 AM2/9/23

to aptly-discuss

Thanks for the answer @reed. It's clear.

Reply all

Reply to author

Forward