update repository

[gerardo....@gmail.com]

Has anyone had any luck deploying a local update repository? If so, I would appreciate any guides anyone is willing to share. Thank you

Gerardo

[KennyWap]

Setting up an APT repository is rather easy and this guide should get you pretty much everything:

https://www.packtpub.com/books/content/create-local-ubuntu-repository-using-apt-mirror-and-apt-cacher

I also mirror Doug's PPA to spin up and update Onions at will on my local mirror.

You can use apt-mirror that is in the guide or deb-mirror which is very simple to set up as well. I believe both are just perl scripts under the hood. If you need any help mirroring the Security Onion PPA I can assist with that as well.

[gerardo....@gmail.com]

KennyWap,

Thanks for the info. I think I have the Ubuntu repo working. Is it basically the same for the security onion PPA? I'm thinking comment out

deb http://ppa.launchpad.net/securityonion/stable/ubuntu trusty main
from /securityonion-stable-trusty.list

and copy it to the mirror.list file.

Gerardo

[gerardo....@gmail.com]

KennyWap,

Also, do I need all of the following in mirror.list file: deb, deb-src, deb-i386 and deb-amd64. Or just the deb-i386 and deb-amd64

[KennyWap]

I believe that in the mirror.list it defines the default architecture of whatever the apt-mirror's OS arch is so leaving it deb will refer to the amd64 arch and you will just need to add deb-i386.

you can mirror the source (deb-src) if you want but is not necessary:

https://unix.stackexchange.com/questions/20504/the-difference-between-deb-versus-deb-src-in-sources-list

You may have also ran into the issue of trying to add the Security Onion repo directly into the sources.list onto a server and receiving a key error after running apt-get update:

Reading package lists... Done W: GPG error: http://ppa.launchpad.net trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E1E6759023F386C7

you will have to manually add the key which you can do by hosting it as a file on your apache web server.

1. grab the Security Onion key from here (Its found on the Security Onion launchpad site):

http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0xE1E6759023F386C7

2. paste it into a file (lets say securityonion.key) to host on your web server including "-----BEGIN PGP PUBLIC KEY BLOCK-----" to "-----END PGP PUBLIC KEY BLOCK-----"

3. put it where ever you need in /var/www/ to host it.

4. execute this to pull it down from the web server to your key ring:

wget -qO - http://mirror.test.local/securityonion.key | sudo apt-key add -

5. verify

sudo apt-key list

Another way to do this all this is to run an sks server locally as well and add keys that way. I can do a write up for that as well if you need and let me know if you have any issues!