Mailinglist Archive: opensuse-factory (422 mails)
| < Previous | Next > |
Re: [opensuse-factory] how to sign a dud?
- From: Steffen Winterfeldt <snwint@xxxxxxx>
- Date: Wed, 7 Jan 2009 16:53:54 +0100 (CET)
- Message-id: <Pine.LNX.4.64.0901071634290.4820@xxxxxxxxxxxxxx>
On Tue, 16 Dec 2008, Peter Czanik wrote:
Basically, yes. You have to add your key to '/installkey.gpg' in the initrd.
It was a requirement from our security guys that all files need to be
checked (bug 435685). As a consequence either your key is known in the
initrd or you explicitly turn off checking with 'insecure=1'.
Steffen
--
Der frühe Wirt holt sich den Wurm.
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
Martin Schlander írta:
Does it mean, that if I want to sign my DUD, then I also need to provideI provide a driver update for EFIKA PPC users. Recently a new featureI think this is what you need:
was introduced to the installer, which now checks for an .asc file for
the dud. How can I create one? Using 'insecure=1' is a bit annoying
workaround, just as getting questioned about it during installation...
The file I'd like to sign is http://genesi.hu/dud.11.1.squash
http://en.opensuse.org/Secure_Installation_Sources
a modified initrd?
Basically, yes. You have to add your key to '/installkey.gpg' in the initrd.
It was a requirement from our security guys that all files need to be
checked (bug 435685). As a consequence either your key is known in the
initrd or you explicitly turn off checking with 'insecure=1'.
Steffen
--
Der frühe Wirt holt sich den Wurm.
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
| < Previous | Next > |