How to sign a remote repository, i.e. forward agent
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jun 30 19:06:58 CEST 2010
On 06/29/2010 03:40 PM, Carsten Aulbert wrote:
> My problem is relatively simple. We provide a (Debian) repository for our
> colleagues as well as ourselves and would like to sign it
[ ... ]
> Anyone with an idea how to accomplish this?
I maintain several signed apt repositories. I never forward an agent to
maintain them, and my secret key never leaves my trusted physical
console. My workflow is:
* do reprepro work against my local copy of the repo (including signing
the relevant indexes)
* rsync -avz --delete dists pool owner at remote.test:/path/to/archive/
that is, i transfer already-signed files (the relevant ones, namely the
contents of dist/ and pool/) via rsync to the remote host that provides
public downloads.
Does this workflow work for you? if not, why not?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100630/8a197aed/attachment.pgp>
More information about the Gnupg-users
mailing list