Difference between revisions of "Talk:Pacman/Package signing"
AlexanderR (talk | contribs) (→Custom Built Pacakges Using ABS) |
AlexanderR (talk | contribs) (moved recently added discussion to the bottom) |
||
Line 1: | Line 1: | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Debian Keyring == | == Debian Keyring == | ||
Line 21: | Line 10: | ||
I've tried to make this page more accessible for people who are setting up package signing. If anyone who is super-familiar with pacman-key could double-check the facts, I'd appreciate it. --[[User:DJPohly|DJPohly]] 18:08, 18 January 2012 (EST) | I've tried to make this page more accessible for people who are setting up package signing. If anyone who is super-familiar with pacman-key could double-check the facts, I'd appreciate it. --[[User:DJPohly|DJPohly]] 18:08, 18 January 2012 (EST) | ||
+ | |||
+ | == Custom Built Pacakges Using ABS == | ||
+ | |||
+ | Can someone add info on how to sign AND trust custom built packages, e.g. a package I've built using ABS? --[[User:sjnims|sjnims]] 06:05, 12 April 2012 (EST) | ||
+ | : {{Note|This should actually be placed in [[Package signing]] instead of current useless redirect to outdated developers' article}} | ||
+ | # Create personal key with gnupg (it will be located in user's default keychain independantly from stuff in pacman's {{Ic|/etc/pacman.d/gnupg/}}): {{bc|gpg --gen-key}}. | ||
+ | # Import generated key into pacman's keychain ({{Ic|pacman-key --import}}) from your {{Ic|~/.gnupg}}. | ||
+ | # Add your signing key to trusted ones, like you did with developers' keys (again {Ic|pacman-key}}). | ||
+ | # '''Optional''': configure {{Ic|gpg-agent}} and other such stuff (see {{Ic|~/.gnupg/gpg.conf}}). | ||
+ | : For exact instructions and explanations see {{Ic|man pacman-key}}, {{Ic|man gpg}} and [[GnuPG]]. | ||
+ | : --[[User:AlexanderR|AlexanderR]] 10:07, 12 April 2012 (EDT) |
Revision as of 14:09, 12 April 2012
Debian Keyring
Could some key developers sign /developers and /trustedusers or create something like debian-keyring package? That would allow a transition from implicit trust to [core]+[extra] to gpg-based trust model.
Currently there is no way to verify if /developers and /trustedusers are correct, and to build a trusted initial keyring...
Srg 07:08, 17 January 2012 (EST)
Cleaning up
I've tried to make this page more accessible for people who are setting up package signing. If anyone who is super-familiar with pacman-key could double-check the facts, I'd appreciate it. --DJPohly 18:08, 18 January 2012 (EST)
Custom Built Pacakges Using ABS
Can someone add info on how to sign AND trust custom built packages, e.g. a package I've built using ABS? --sjnims 06:05, 12 April 2012 (EST)
- Note: This should actually be placed in Package signing instead of current useless redirect to outdated developers' article
- Create personal key with gnupg (it will be located in user's default keychain independantly from stuff in pacman's
/etc/pacman.d/gnupg/
):gpg --gen-key
. - Import generated key into pacman's keychain (
pacman-key --import
) from your~/.gnupg
. - Add your signing key to trusted ones, like you did with developers' keys (again {Ic|pacman-key}}).
- Optional: configure
gpg-agent
and other such stuff (see~/.gnupg/gpg.conf
).
- For exact instructions and explanations see
man pacman-key
,man gpg
and GnuPG. - --AlexanderR 10:07, 12 April 2012 (EDT)