[clug] Re-signing Debian Packages
jm
jeffm at ghostgun.com
Thu Jan 12 21:04:25 UTC 2023
Allows the continued use of the existing package management without
ignoring the signature while
* Being Feasible
* Doable by one person in less than a few weeks while still having
time to do other things
* Doesn't involve a major overhaul or other disruption
I'm sure I could more, but you get the general idea.
Jeff.
On 12/1/23 21:55, Tony Lewis via linux wrote:
> What's "better" in this context? More secure? Or convenience?
>
> Tony
>
> On 12/1/23 11:08, jm via linux wrote:
>> I've run into a problem with a set of legacy systems which are very
>> much stuck on an old version of debian for which the GPG package key
>> has expired. It's possible to ignore the GPG key and have apt manage
>> the packages regardless, but I was wondering if anyone new of a
>> better way? The one that comes to mind is, would it be possible to
>> resign the packages with a new in-house key? if so, how would this be
>> done and what would be involved?
>>
>> And, to short circuit this suggestion, it's not possible to do a
>> distro upgrade.
>>
>> Jeff.
>>
>>
>>
More information about the linux
mailing list