LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 10-09-2010, 08:38 PM   #1
ginoboy
LQ Newbie
 
Registered: Oct 2009
Distribution: Slackware
Posts: 14

Rep: Reputation: 0
GPG signature for slackbuilds packages


I'm not able to generate GPG key of packages for my local SBo repository..
Example: package.tar.gz.asc

I know that's necessary GPG-KEY of SBo http://slackbuilds.org/GPG-KEY for generate signature file, but I don't know how to proceed....

Thanks..
 
Old 10-09-2010, 10:24 PM   #2
rworkman
Slackware Contributor
 
Registered: Oct 2004
Location: Tuscaloosa, Alabama (USA)
Distribution: Slackware
Posts: 1,912

Rep: Reputation: Disabled
You can't create signatures using the SBo key - you have to do that with your own key.
 
Old 10-10-2010, 07:56 AM   #3
ginoboy
LQ Newbie
 
Registered: Oct 2009
Distribution: Slackware
Posts: 14

Original Poster
Rep: Reputation: 0
Humm okay,

I really wanted to create a signature for the SBOPKG not stop at compile time by saying it has no signature ... is for personal use only on my local network. Can I create a self-signed?

How to do it RW?

I do not understand ANYTHING about digital signatures.

Thanks.
 
Old 10-10-2010, 09:02 AM   #4
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 5,191

Rep: Reputation: Disabled
Read sbopkg's documentation...
In the file "README-repos.d" you will find the information to configure sbopkg to use a local repository of your own SlackBuild scripts that do not have .asc files.

The .asc files at SlackBuilds.org are created using the project's GPG "secret key" which is only available to SBo admins. We would not want just anybody to create fake signature files... GPG is the way to verify that the admins in fact created the signature.

If you want to know how to create these .asc files (GPG signatures) using a GPG key of your own, then you have to create that private/public key first.

Eric
 
Old 10-10-2010, 03:33 PM   #5
ginoboy
LQ Newbie
 
Registered: Oct 2009
Distribution: Slackware
Posts: 14

Original Poster
Rep: Reputation: 0
README-repos.d:
" CHECKGPG format can be "GPG" if the repo supports GPG
checking, or "" (which also must be present) if the repo does not support GPG
checks."


Works! Perfect!

I'll see if I can create my own private or public key ...

Thank you, Eric.

[]'s
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Is the GPG signature really nessesary when updating? eagledt63 Fedora 2 02-06-2006 06:00 PM
GPG Signature problem in up2date dineshjk Red Hat 1 08-09-2004 07:08 AM
does not have GPG signature mackol Linux - Software 0 05-26-2004 09:57 PM
package does not have valid GPG signature amOrpheus Linux - Newbie 3 01-20-2004 06:48 PM
apt GPG Signature Issue blaroe Fedora 2 01-13-2004 10:08 PM


All times are GMT -5. The time now is 08:07 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration