Skip to content
This repository has been archived by the owner on Jun 5, 2023. It is now read-only.

Installation instructions are wrong #156

Open
KOLANICH opened this issue Jan 9, 2023 · 0 comments
Open

Installation instructions are wrong #156

KOLANICH opened this issue Jan 9, 2023 · 0 comments
Assignees
@Naraenda

Comments

@KOLANICH
Copy link

KOLANICH commented Jan 9, 2023

These instructions don't match the modern security practices.

apt-key is not used anymore. Instead

  1. the key file (non-ascii-armored one, but a minimal one, exported with gpg --export --export-options=export-minimal CA8BB4727A47B4D09B4EE8969386B48A1A693C5C > rocm.gpg) is downloaded and put into a dir within a local filesystem (OTHER THAN /etc/apt/trusted.gpg.d, but any other dir, like /usr/share/keyrings/ or /etc/apt/trusted.gpg.d-3rdp/).
  2. then the repo is bound to the key file using signed-by= option

Read https://wiki.debian.org/DebianRepository/UseThirdParty for more info.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@Naraenda Naraenda

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@KOLANICH @Naraenda