LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   GPG signature for slackbuilds packages (http://www.linuxquestions.org/questions/slackware-14/gpg-signature-for-slackbuilds-packages-837156/)

ginoboy 10-09-2010 08:38 PM

GPG signature for slackbuilds packages
 
I'm not able to generate GPG key of packages for my local SBo repository..
Example: package.tar.gz.asc

I know that's necessary GPG-KEY of SBo http://slackbuilds.org/GPG-KEY for generate signature file, but I don't know how to proceed....

Thanks..

rworkman 10-09-2010 10:24 PM

You can't create signatures using the SBo key - you have to do that with your own key. :)

ginoboy 10-10-2010 07:56 AM

Humm okay,

I really wanted to create a signature for the SBOPKG not stop at compile time by saying it has no signature ... is for personal use only on my local network. Can I create a self-signed?

How to do it RW?

I do not understand ANYTHING about digital signatures.

Thanks.

Alien Bob 10-10-2010 09:02 AM

Read sbopkg's documentation...
In the file "README-repos.d" you will find the information to configure sbopkg to use a local repository of your own SlackBuild scripts that do not have .asc files.

The .asc files at SlackBuilds.org are created using the project's GPG "secret key" which is only available to SBo admins. We would not want just anybody to create fake signature files... GPG is the way to verify that the admins in fact created the signature.

If you want to know how to create these .asc files (GPG signatures) using a GPG key of your own, then you have to create that private/public key first.

Eric

ginoboy 10-10-2010 03:33 PM

README-repos.d:
" CHECKGPG format can be "GPG" if the repo supports GPG
checking, or "" (which also must be present) if the repo does not support GPG
checks."


Works! Perfect!

I'll see if I can create my own private or public key ...

Thank you, Eric.

[]'s


All times are GMT -5. The time now is 03:35 AM.