how to update mobian over tor
#1
Code:
sudo apt install apt-transport-tor  tor

 Edit  /etc/apt/sources.list  as root

Code:
sudo nano  /etc/apt/sources.list   

Make it look as


Code:
#deb  http://deb.debian.org/debian bookworm main
deb  tor://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm main

Edit  /etc/apt/sources.list.d/extrepo_mobian.sources  as root

Code:
sudo nano /etc/apt/sources.list.d/extrepo_mobian.sources

and put    tor+  in front of  the https://repo.mobian-project.org/   url

Code:
Uris: tor+https://repo.mobian-project.org/





Who knows why mobian doesn't use the debian-security repository by default?   My mate says it is a good idea to add it to /etc/apt/sources.list

Code:
deb  tor://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security main
  Reply
#2
Thanks I was looking for this :
Code:
#deb http://deb.debian.org/debian bookworm main
deb tor://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm main

Edit /etc/apt/sources.list.d/extrepo_mobian.sources as root
  Reply
#3
Who knows why mobian doesn't use the debian-security repository by default?
  Reply
#4
(01-26-2022, 02:14 PM)vusra Wrote: Who knows why mobian doesn't use the debian-security repository by default?

this is a good question, I believe it's because it may break the system, the same way as using Debian Sid you don't want the security repo as it's aimed at stable. Please correct me if I am wrong.
  Reply
#5
(01-29-2022, 01:16 AM)user641 Wrote:
(01-26-2022, 02:14 PM)vusra Wrote: Who knows why mobian doesn't use the debian-security repository by default?

this is a good question, I believe it's because it may break the system, the same way as using Debian Sid you don't want the security repo as it's aimed at stable. Please correct me if I am wrong.

https://www.debian.org/security/faq#testing 
Quote:Q: How is security handled for testing?

A: Security for testing benefits from the security efforts of the entire project for unstable. However, there is a minimum two-day migration delay, and sometimes security fixes can be held up by transitions. The Security Team helps to move along those transitions holding back important security uploads, but this is not always possible and delays may occur. Especially in the months after a new stable release, when many new versions are uploaded to unstable, security fixes for testing may lag behind. If you want to have a secure (and stable) server you are strongly encouraged to stay with stable.

Why mobian doesn't use the debian-security repository by default?
  Reply
#6
(01-30-2022, 11:51 PM)vusra Wrote:
(01-29-2022, 01:16 AM)user641 Wrote:
(01-26-2022, 02:14 PM)vusra Wrote: Who knows why mobian doesn't use the debian-security repository by default?

this is a good question, I believe it's because it may break the system, the same way as using Debian Sid you don't want the security repo as it's aimed at stable. Please correct me if I am wrong.

https://www.debian.org/security/faq#testing 
Quote:Q: How is security handled for testing?

A: Security for testing benefits from the security efforts of the entire project for unstable. However, there is a minimum two-day migration delay, and sometimes security fixes can be held up by transitions. The Security Team helps to move along those transitions holding back important security uploads, but this is not always possible and delays may occur. Especially in the months after a new stable release, when many new versions are uploaded to unstable, security fixes for testing may lag behind. If you want to have a secure (and stable) server you are strongly encouraged to stay with stable.

Why mobian doesn't use the debian-security repository by default?

From my understanding mobian does not use the debian-security repos for the same reason debian testing and unstable don't either. debian-security is meant for stable, and mobian is kind of a wip atm.
  Reply
#7
According to faq bookworm or testing repo is supported by debian security team https://security.debian.org/debian-security/dists/    Why doesn't mobian use it by default?
  Reply
#8
(01-17-2022, 01:48 PM)alanwake82 Wrote: Thanks I was looking for this :
Code:
#deb  http://deb.debian.org/debian bookworm main
deb  tor://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm main

Edit  /etc/apt/sources.list.d/extrepo_mobian.sources  as root

I just did the whole thing, but /etc/apt/sources.list.d/extrepo_mobian.sources on mine is empty, should I add the line:
Code:
tor+https://repo.mobian-project.org/

?

Is it /etc/apt/sources.list.d/mobian.list instead of /etc/apt/sources.list.d/extrepo_mobian.sources ?
  Reply
#9
(02-06-2022, 05:00 AM)vusra Wrote: According to faq bookworm or testing repo is supported by debian security team https://security.debian.org/debian-security/dists/    Why doesn't mobian use it by default?

Now it got even more important to pay atention to the security aspect: https://blog.mobian-project.org/posts/20...-analysis/

"Disclaimer: while being enthusiastic nerds, none of the Mobian developers is a security expert."
  Reply
#10
updated instructions for bookworm
Code:
sudo apt install apt-transport-tor  tor
make /etc/apt/sources.list look as
Code:
#deb http://deb.debian.org/debian bookworm main
#deb http://security.debian.org/ bookworm-security main
deb tor://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm main
deb tor://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security main

make /etc/apt/sources.list.d/mobian.list look as
Code:
#deb http://repo.mobian.org/ bookworm main non-free-firmware
deb tor+https://repo.mobian.org/ bookworm main non-free-firmware
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Mobian, Suspend, and Audio Playback biketool 0 41 Today, 12:56 AM
Last Post: biketool
  Upgrade to Mobian (Trixie) Staging biketool 12 543 12-06-2024, 05:46 PM
Last Post: vusra
  bookworm vs trixie discussion for mobian in pinephone regular. zetabeta 41 8,991 11-27-2024, 10:39 AM
Last Post: fernando_c_m
  atinout binaries for mobian/debian? NeutralGrey 4 1,455 10-31-2024, 04:16 AM
Last Post: astylethargic
  Mobian-Kicksecure? 3460p 0 874 05-26-2024, 02:09 PM
Last Post: 3460p
  Mobian repository status henrythemouse 16 12,298 04-10-2024, 10:02 AM
Last Post: diederik
  cant verify mobian image at website gnugpg penguins_rule 0 930 03-18-2024, 08:54 PM
Last Post: penguins_rule
  mobian installed to eMMC - how to install tow-boot grump_fiddle_reinstall 6 4,044 11-22-2023, 11:46 AM
Last Post: aLoop100o
  What actions needed to keep on mobian testing user641 3 2,641 09-05-2023, 06:44 AM
Last Post: Zebulon Walton
  Mobian boot failed with zstd message after upgrade. Mahgue 0 985 09-01-2023, 11:29 AM
Last Post: Mahgue

Forum Jump:


Users browsing this thread: 2 Guest(s)