Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

How can I disable signature check for a Debian CD?

278 views
Skip to first unread message

Onur Aslan

unread,
Sep 10, 2010, 7:40:01 AM9/10/10
to
Hi.

I am using Debian CD images as a local repository. I am mounting a CD and
using it with this source list:

deb file:///mnt lenny main

Everything working fine but the problem is when I try to install a package
from this repository, apt is always warn me about untrusted repository.

Is it possible disable signature check for my CD location?


--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
Archive: http://lists.debian.org/20100910112218.GA4045@localhost

Kumar Appaiah

unread,
Sep 10, 2010, 8:00:02 AM9/10/10
to
On Fri, Sep 10, 2010 at 02:22:19PM +0300, Onur Aslan wrote:
> I am using Debian CD images as a local repository. I am mounting a CD and
> using it with this source list:
>
> deb file:///mnt lenny main
>
> Everything working fine but the problem is when I try to install a package
> from this repository, apt is always warn me about untrusted repository.
>
> Is it possible disable signature check for my CD location?

Is there a particular reason why you don't want to use apt-cdrom to
use the CD repositories? It is much easier than mounting the CD to use
it.

In any case, to fix the error you get, you have to identify the GPG
key corresponding to the CD, and obtain it (preferably in a trusted
manner), and do

sudo apt-ket add - < key

Again, if apt-cdrom works, I would personally prefer that.

Thanks.

Kumar
--
#if _FP_W_TYPE_SIZE < 32
#error "Here's a nickel kid. Go buy yourself a real computer."
#endif
-- linux/arch/sparc64/double.h


--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org

Archive: http://lists.debian.org/2010091011...@bluemoon.alumni.iitm.ac.in

Kumar Appaiah

unread,
Sep 10, 2010, 8:30:02 AM9/10/10
to
On Fri, Sep 10, 2010 at 03:14:11PM +0300, Onur Aslan wrote:
> > In any case, to fix the error you get, you have to identify the GPG
> > key corresponding to the CD, and obtain it (preferably in a trusted
> > manner), and do
> >
> > sudo apt-ket add - < key
>
> Where can I get this keys? CD images doesn't have signatures.

Please paste the error message here. It would contain the key ID.

Kumar
--
The most important design issue... is the fact that Linux is supposed to
be fun...
-- Linus Torvalds at the First Dutch International Symposium on Linux


--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org

Archive: http://lists.debian.org/2010091012...@bluemoon.alumni.iitm.ac.in

Onur Aslan

unread,
Sep 10, 2010, 8:40:01 AM9/10/10
to
On Fri, Sep 10, 2010 at 06:58:01AM -0500, Kumar Appaiah wrote:
> Is there a particular reason why you don't want to use apt-cdrom to
> use the CD repositories? It is much easier than mounting the CD to use
> it.

I also tried apt-cdrom but I have same problem with apt-cdrom.

I added my image with:
apt-cdrom -m -d /mnt add

It's successfuly added but aptitude is showing packages as from
untrusted source.

> In any case, to fix the error you get, you have to identify the GPG
> key corresponding to the CD, and obtain it (preferably in a trusted
> manner), and do
>
> sudo apt-ket add - < key

Where can I get this keys? CD images doesn't have signatures.


--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org

Archive: http://lists.debian.org/20100910121411.GA8577@localhost

Onur Aslan

unread,
Sep 10, 2010, 9:00:01 AM9/10/10
to
On Fri, Sep 10, 2010 at 07:25:54AM -0500, Kumar Appaiah wrote:
> Please paste the error message here. It would contain the key ID.

There is no error. Debian CD images doesn't have any signature or key.

Or maybe I am doing something wrong.

Also I want to add, I don't have any CD-ROM drive. I am using CD images,
after mount them to somewhere.


--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org

Archive: http://lists.debian.org/20100910123603.GA8741@localhost

Kumar Appaiah

unread,
Sep 10, 2010, 9:50:01 AM9/10/10
to
On Fri, Sep 10, 2010 at 03:36:03PM +0300, Onur Aslan wrote:
> On Fri, Sep 10, 2010 at 07:25:54AM -0500, Kumar Appaiah wrote:
> > Please paste the error message here. It would contain the key ID.
>
> There is no error. Debian CD images doesn't have any signature or key.

I see. I thought apt-get update would actually warn about the missing
keys; maybe I was wrong.

You could try looking for the Release.gpg file in your CD and trying
out this:

gpg --verify Release.gpg Release

That would tell you the keys which were used to sign the files. For
instance:

gpg: Signature made Sat 04 Sep 2010 12:30:28 PM CDT using RSA key ID 55BE302B
gpg: Can't check signature: public key not found
gpg: Signature made Sat 04 Sep 2010 12:37:54 PM CDT using DSA key ID F42584E6
gpg: Can't check signature: public key not found

Please let me know if this helps.

Kumar


--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org

Archive: http://lists.debian.org/20100910134...@bowser.ece.utexas.edu

Onur Aslan

unread,
Sep 10, 2010, 11:50:02 AM9/10/10
to
Kumar thank you for your help.

But Debian is identify their CDs in a different way. I don't know how to
doing this. The repository in the images are not signed. When I use CD
images after burn them to a blank CD, Debian successfully identify cdroms.
But when I try to use them as images after mount them to somewhere,
Debian doesn't identify local repository as trusted.

Maybe it is not possible at all. I want to do this because I have only
first DVD image of Debian. When I need another package which I dont have
one, I am adding a ftp url to my sources.list. When I do this Debian
is using only this url because my local repository is untrusted.

In the early times, I was manually sign my local Release. Maybe I should
continue to do this.

Archive: http://lists.debian.org/20100910152649.GA9099@localhost

Kumar Appaiah

unread,
Sep 10, 2010, 2:20:02 PM9/10/10
to
On Fri, Sep 10, 2010 at 06:26:49PM +0300, Onur Aslan wrote:
> In the early times, I was manually sign my local Release. Maybe I should
> continue to do this.

Since I don't have any other ideas, I'd actually not be averse to
that. You could sign your repository yourself, with a key which APT is
aware of.

If someone else can point our the "right" way, please do.

Thanks.

Kumar
--
Avoid the Gates of Hell. Use Linux
(Unknown source)


--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org

Archive: http://lists.debian.org/20100910181...@146653177.ece.utexas.edu

Brian Ryans

unread,
Sep 14, 2010, 1:30:03 PM9/14/10
to
Quoting Kumar Appaiah on 2010-09-10 13:18:06, in Message-Id
<20100910181...@146653177.ece.utexas.edu>

> If someone else can point our the "right" way, please do.

,----[ /etc/apt/apt.conf.d/00trustcdrom ]-
| APT::Authentication::TrustCDROM "true";
`----

--
_ Brian Ryans 8B2A 54C4 E275 8CFD 8A7D 5D0B 0AD0 B014 C112 13D0 .
( ) ICQ 43190205 | Mail/Jabber/Yahoo/MSN: Brian...@gmail.com ..:
X ASCII Ribbon Campaign Against HTML mail and v-cards: asciiribbon.org
/ \ /* Witty quotes of 68 chars or less here. Email me for more info. */

signature.asc
0 new messages