On Wed, Nov 11, 2009 at 11:34:07AM +0100, Carsten Hoeger wrote:
i'm glad, that my patch to generate a secure apt repository has been applied and is now working.
What we need now is the possibility for Debian/Ubuntu people to import that key into their apt keyring.
Something like
wget http://opensuse.org/buildkey.pub apt-key add - < buildkey.pub
or
http://wiki.debian.org/SecureApt#Howtofindakey
but it doesn't look like the obs keys can be found on keyservers.
AFAIK the keys of the OBS projects are not pushed to any key servers. You need to download them from the particular project you want to use. Wouldn't it counted as flooding as soon as every new key would be published at the public keyservers? For rpm based repositories the key is stored at <project>/<distribution>/repodatarepomd.xml.key I've not checked how the layout of a Debian repository looks like. Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany