aptly
aptly copied to clipboard
aptly-dev
Establish trust in new Aptly signing key
It seems like the Aptly signing key for packages was changed.
Please sign the new key to establish trust in the debian key server.
Also, maybe announce the key fingerprint for verification on the mailing list and add it to the web site.
Thanks.
The key published at https://www.aptly.info/pubkey.txt as referred to on https://www.aptly.info/download/ has the same partial fingerprint A0546A43624A8331 as referred to on the same page. I would like to see the whole 78D6517AB92E22947F577996A0546A43624A8331 there.
$ wget -O - https://www.aptly.info/pubkey.txt | gpg
gpg: WARNING: no command supplied. Trying to guess what you mean ...
--2023-06-29 17:20:30-- https://www.aptly.info/pubkey.txt
Resolving www.aptly.info (www.aptly.info)... 2606:50c0:8000::153, 2606:50c0:8003::153, 2606:50c0:8002::153, ...
Connecting to www.aptly.info (www.aptly.info)|2606:50c0:8000::153|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2074 (2,0K) [text/plain]
Saving to: ‘STDOUT’
- 100%[=========================================>] 2,03K --.-KB/s in 0s
2023-06-29 17:20:30 (14,3 MB/s) - written to stdout [2074/2074]
pub rsa2048 2022-03-14 [SCE]
78D6517AB92E22947F577996A0546A43624A8331
uid Aptly Repository <[email protected]>
sub rsa2048 2022-03-14 [SE]
Signing the new key with the old key should also be trivial, if the old key is still available.
