+- PINE64 (https://forum.pine64.org)
+-- Forum: PinePhone (https://forum.pine64.org/forumdisplay.php?fid=120)
+--- Forum: PinePhone Software (https://forum.pine64.org/forumdisplay.php?fid=121)
+---- Forum: Mobian on PinePhone (https://forum.pine64.org/forumdisplay.php?fid=139)
+---- Thread: Securing the APT repository (/showthread.php?tid=10277)
Securing the APT repository - a-wai - 06-16-2020
Hi,
As this has been requested a while ago, and it made perfectly sense, we configured the repo for automatic GPG signing.
This is an important security measure, but you'll certainly experience issues while upgrading, such as this message:
Code:
W: GPG error: http://repo.mobian-project.org mobian InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 951D61F2BC232697This won't prevent you from upgrading or installing software from the repo, but it is advised you import the repo key by executing the following command:
Code:
wget -O - https://repo.mobian-project.org/mobian.gpg.key | sudo apt-key add -This will be fixed in the next nightly build (20200617), but will still be needed for older installs.
Alternatively, you can also configure the repo the way we now do it in the images:
Code:
sudo apt install extrepo
sudo extrepo enable mobian
sudo rm /etc/apt/sources.list.d/mobian.list