How to add GPG key in template?
52 views
Skip to first unread message
Albin Otterhäll
Jun 7, 2016, 2:20:00 PM6/7/16
to qubes...@googlegroups.com
I'm currently setting up a development template, and need docker.
Because the version in Debian's repositories (even in backports) is
horrible outdated I need to add and fetch Docker from the official
repository.
But I've problems with adding the GPG key. The template VM doesn't want
to connect and download the keyfile. According to Marek the Fedora
template is only allowed to connect to DNF repositories. I assume it's
the same for Debian, but APT instead? How do I download and add the
keyfile to my (copy-of) Debian template?
[1]
https://groups.google.com/forum/#!searchin/qubes-users/gpg$20key/qubes-users/EyVIQMOnqWE/pN4Is3mSW70J
Because the version in Debian's repositories (even in backports) is
horrible outdated I need to add and fetch Docker from the official
repository.
But I've problems with adding the GPG key. The template VM doesn't want
to connect and download the keyfile. According to Marek the Fedora
template is only allowed to connect to DNF repositories. I assume it's
the same for Debian, but APT instead? How do I download and add the
keyfile to my (copy-of) Debian template?
[1]
https://groups.google.com/forum/#!searchin/qubes-users/gpg$20key/qubes-users/EyVIQMOnqWE/pN4Is3mSW70J
donoban
Jun 7, 2016, 2:22:47 PM6/7/16
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 07/06/16 20:19, Albin Otterhäll wrote:
> I'm currently setting up a development template, and need docker.
> Because the version in Debian's repositories (even in backports)
> is horrible outdated I need to add and fetch Docker from the
> official repository.
>
> But I've problems with adding the GPG key. The template VM doesn't
> want to connect and download the keyfile. According to Marek the
> Fedora template is only allowed to connect to DNF repositories. I
> assume it's the same for Debian, but APT instead? How do I download
> and add the keyfile to my (copy-of) Debian template?
>
Download it on some AppVM, check it (sha256, pgp, etc...) and them
move it to the TemplateVM...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJXVxDzAAoJEBQTENjj7QilTzMP/jG8GjiEE8OyrmrHss6IHSes
ebe+NbFkSi6uFybMf08jbgzRBgFd0H3SmKgCIeAHdnQ4Gqq1DgtdsaIL8jWx0FIC
5NZCOsRlKMLKTIOUm1rWsZddlyBgFxwP+fRiBHZxucifW1Ip2msN0FaUzHSU4lAF
lqbueG0Dz/+Y0TPVKnEhRcIFseqqn+nBSJeOguX5Il+vr9JYB33/lz5YfQy/bEgS
3nxjOevj01arK63mCmtXbjnvh1ORpGmW9bPtbA8nro00fMN2Jh3a22vtc3vmekWD
uu5OdWwtRsnRYkXLLAv0b71LVbsWLGBY83bLUcw4KOjQvAy/7tVbM6m5slBmpTuv
Wkft2vXlgSYvql9Wd9uO4nkk58PLTWn/3TKO40ZoX2ErwZhOd6qAyh5im+odKu4h
25KbDs4PgNc2Nq/rK0AYJfWYWMAlDeEod3VY0wA53NaCyy++naiFNXZnU6rRiJbz
Wi58ByQds3gBFAqzV3jKqrg+OdEM8cWZYYtkhGwKhKYzUvgFa74EYEl8Kn6PZsaD
hl/iGTvkt6vBqzQ+lEZTpveN2S3GS2R609cXGdbt1YxvmIhpVD8pv1vVd1Br/YtG
eY7JkMhwQ2hEP6TSMKzOk8YE6wVvO0xmGBV7B6HdFoeUP0dtW8Jr2PTulSUrR04O
dIr+QXb2wSsOUEcMaG10
=bozG
-----END PGP SIGNATURE-----
Hash: SHA256
On 07/06/16 20:19, Albin Otterhäll wrote:
> I'm currently setting up a development template, and need docker.
> Because the version in Debian's repositories (even in backports)
> is horrible outdated I need to add and fetch Docker from the
> official repository.
>
> But I've problems with adding the GPG key. The template VM doesn't
> want to connect and download the keyfile. According to Marek the
> Fedora template is only allowed to connect to DNF repositories. I
> assume it's the same for Debian, but APT instead? How do I download
> and add the keyfile to my (copy-of) Debian template?
>
move it to the TemplateVM...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJXVxDzAAoJEBQTENjj7QilTzMP/jG8GjiEE8OyrmrHss6IHSes
ebe+NbFkSi6uFybMf08jbgzRBgFd0H3SmKgCIeAHdnQ4Gqq1DgtdsaIL8jWx0FIC
5NZCOsRlKMLKTIOUm1rWsZddlyBgFxwP+fRiBHZxucifW1Ip2msN0FaUzHSU4lAF
lqbueG0Dz/+Y0TPVKnEhRcIFseqqn+nBSJeOguX5Il+vr9JYB33/lz5YfQy/bEgS
3nxjOevj01arK63mCmtXbjnvh1ORpGmW9bPtbA8nro00fMN2Jh3a22vtc3vmekWD
uu5OdWwtRsnRYkXLLAv0b71LVbsWLGBY83bLUcw4KOjQvAy/7tVbM6m5slBmpTuv
Wkft2vXlgSYvql9Wd9uO4nkk58PLTWn/3TKO40ZoX2ErwZhOd6qAyh5im+odKu4h
25KbDs4PgNc2Nq/rK0AYJfWYWMAlDeEod3VY0wA53NaCyy++naiFNXZnU6rRiJbz
Wi58ByQds3gBFAqzV3jKqrg+OdEM8cWZYYtkhGwKhKYzUvgFa74EYEl8Kn6PZsaD
hl/iGTvkt6vBqzQ+lEZTpveN2S3GS2R609cXGdbt1YxvmIhpVD8pv1vVd1Br/YtG
eY7JkMhwQ2hEP6TSMKzOk8YE6wVvO0xmGBV7B6HdFoeUP0dtW8Jr2PTulSUrR04O
dIr+QXb2wSsOUEcMaG10
=bozG
-----END PGP SIGNATURE-----
Albin Otterhäll
Jun 7, 2016, 2:46:02 PM6/7/16
to qubes...@googlegroups.com
donoban:
DON'T FORGET TO DOWNLOAD THE GPG KEY IN AN DISPOSABLE VM! You don't want
you template infected.
> On 07/06/16 20:19, Albin Otterhäll wrote:
>> I'm currently setting up a development template, and need docker.
>> Because the version in Debian's repositories (even in backports)
>> is horrible outdated I need to add and fetch Docker from the
>> official repository.
>
>> But I've problems with adding the GPG key. The template VM doesn't
>> want to connect and download the keyfile. According to Marek the
>> Fedora template is only allowed to connect to DNF repositories. I
>> assume it's the same for Debian, but APT instead? How do I download
>> and add the keyfile to my (copy-of) Debian template?
>
>
> Download it on some AppVM, check it (sha256, pgp, etc...) and them
> move it to the TemplateVM...
>
>
Seems to be the easiest solution to the problem. For future readers:
>> I'm currently setting up a development template, and need docker.
>> Because the version in Debian's repositories (even in backports)
>> is horrible outdated I need to add and fetch Docker from the
>> official repository.
>
>> But I've problems with adding the GPG key. The template VM doesn't
>> want to connect and download the keyfile. According to Marek the
>> Fedora template is only allowed to connect to DNF repositories. I
>> assume it's the same for Debian, but APT instead? How do I download
>> and add the keyfile to my (copy-of) Debian template?
>
>
> Download it on some AppVM, check it (sha256, pgp, etc...) and them
> move it to the TemplateVM...
>
>
DON'T FORGET TO DOWNLOAD THE GPG KEY IN AN DISPOSABLE VM! You don't want
you template infected.
Andrew David Wong
Jun 7, 2016, 9:46:11 PM6/7/16
to donoban, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 2016-06-07 11:22, donoban wrote:
> On 07/06/16 20:19, Albin Otterhäll wrote:
>> I'm currently setting up a development template, and need docker.
>> Because the version in Debian's repositories (even in
>> backports) is horrible outdated I need to add and fetch Docker
>> from the official repository.
>
>> But I've problems with adding the GPG key. The template VM
>> doesn't want to connect and download the keyfile. According to
>> Marek the Fedora template is only allowed to connect to DNF
>> repositories. I assume it's the same for Debian, but APT instead?
>> How do I download and add the keyfile to my (copy-of) Debian
>> template?
>
>
> Download it on some AppVM, check it (sha256, pgp, etc...) and them
> move it to the TemplateVM...
>
Additional options:
- - Temporarily allow all internet access
- - (Temporarily) whitelist your keyserver or all keyservers:
Address: specify one or use "*"
Protocol: TCP
Service: pgpkeyserver
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXV3jYAAoJENtN07w5UDAwq/YP/iAsYGMsHz4Wa63yinXGTs+Q
pkI6SpGXMiuO7avDds2pdIyeMpDgE3IqT5Z8a1dumF+SL6Nq6wbPhEWl3EncTd6T
K1fHwHy+krdf+86WtldRrZMQ/DcxcU3/+KMrPgGXDfjFhpKXNDGBF75cq+HD2ic2
zqX2JAlV0VprJ3Q8BPKakNZ48VXF1I4bHfBH/2EudcCXoWl0hEWANPToofsfqkgD
nwdqXlGWupP1onAMc7Rwt1nzkC71XpfQnal+tDsSxuyDIVwK8p+tF5g6z0B+hbM9
CeGWa62pm2+sz0kGvMU2/LyKzgLJp9SaWm1mXrmZRZwuke7xpKjAQaBxSi24EUrn
MctTBXYqqnQRFB0po2tPCsp2gvTwCFsQso++cwChI1t2aveuSqnktcX0+3OfBiFP
dqnGKj+JZLadqIifQKdTpLJY6Dupld0CdvLbZL++tX7iXYs989PRfXOC527B9S/v
1UKmFx1EQamqQNGkM6OE66X9cweDhl/Whw6kK87d5Q7e51fw1aWUxcfWQSqJNpfr
aKmyBB2dDkgEb9M3gaNjkn/wRqhyapaYESsVFysy9c0LH/1b2YA9Sj1sm/VNFvoj
3ELnn5Sm4V/rKQjxoIY87gHlha2RTqd6E+7mha77MdCN9CE2MFyoJf2Gw+JCssJN
ZNF6E3QFYruMwC65gOw1
=Sbhu
-----END PGP SIGNATURE-----
Hash: SHA512
On 2016-06-07 11:22, donoban wrote:
> On 07/06/16 20:19, Albin Otterhäll wrote:
>> I'm currently setting up a development template, and need docker.
>> Because the version in Debian's repositories (even in
>> backports) is horrible outdated I need to add and fetch Docker
>> from the official repository.
>
>> But I've problems with adding the GPG key. The template VM
>> doesn't want to connect and download the keyfile. According to
>> Marek the Fedora template is only allowed to connect to DNF
>> repositories. I assume it's the same for Debian, but APT instead?
>> How do I download and add the keyfile to my (copy-of) Debian
>> template?
>
>
> Download it on some AppVM, check it (sha256, pgp, etc...) and them
> move it to the TemplateVM...
>
- - Temporarily allow all internet access
- - (Temporarily) whitelist your keyserver or all keyservers:
Address: specify one or use "*"
Protocol: TCP
Service: pgpkeyserver
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXV3jYAAoJENtN07w5UDAwq/YP/iAsYGMsHz4Wa63yinXGTs+Q
pkI6SpGXMiuO7avDds2pdIyeMpDgE3IqT5Z8a1dumF+SL6Nq6wbPhEWl3EncTd6T
K1fHwHy+krdf+86WtldRrZMQ/DcxcU3/+KMrPgGXDfjFhpKXNDGBF75cq+HD2ic2
zqX2JAlV0VprJ3Q8BPKakNZ48VXF1I4bHfBH/2EudcCXoWl0hEWANPToofsfqkgD
nwdqXlGWupP1onAMc7Rwt1nzkC71XpfQnal+tDsSxuyDIVwK8p+tF5g6z0B+hbM9
CeGWa62pm2+sz0kGvMU2/LyKzgLJp9SaWm1mXrmZRZwuke7xpKjAQaBxSi24EUrn
MctTBXYqqnQRFB0po2tPCsp2gvTwCFsQso++cwChI1t2aveuSqnktcX0+3OfBiFP
dqnGKj+JZLadqIifQKdTpLJY6Dupld0CdvLbZL++tX7iXYs989PRfXOC527B9S/v
1UKmFx1EQamqQNGkM6OE66X9cweDhl/Whw6kK87d5Q7e51fw1aWUxcfWQSqJNpfr
aKmyBB2dDkgEb9M3gaNjkn/wRqhyapaYESsVFysy9c0LH/1b2YA9Sj1sm/VNFvoj
3ELnn5Sm4V/rKQjxoIY87gHlha2RTqd6E+7mha77MdCN9CE2MFyoJf2Gw+JCssJN
ZNF6E3QFYruMwC65gOw1
=Sbhu
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages