[clug] Re-signing Debian Packages
Tony Lewis
tony at lewistribe.com
Thu Jan 12 10:55:14 UTC 2023
What's "better" in this context? More secure? Or convenience?
Tony
On 12/1/23 11:08, jm via linux wrote:
> I've run into a problem with a set of legacy systems which are very
> much stuck on an old version of debian for which the GPG package key
> has expired. It's possible to ignore the GPG key and have apt manage
> the packages regardless, but I was wondering if anyone new of a better
> way? The one that comes to mind is, would it be possible to resign the
> packages with a new in-house key? if so, how would this be done and
> what would be involved?
>
> And, to short circuit this suggestion, it's not possible to do a
> distro upgrade.
>
> Jeff.
>
>
>
More information about the linux
mailing list