Update your copy of the Mandos Debian Archive key today!
Teddy Hogeborn
teddy at recompile.se
Sat Sep 30 16:08:44 CEST 2023
The key with key ID 153A37F10BBA0435987F2C4A72232973CA34C2C4, used to
sign the Debian packages of the latest version of Mandos which we
provide, will expire *tomorrow*, October 1, 2023. If you use Debian
packages published by us in your /etc/apt/sources.list file (or
otherwise), you *must* update your key file today in order for your apt
to succeed in updating. We are sorry for this late annoucement.
The short fix:
su -c wget --timestamping --directory-prefix=/etc/apt/keyrings https://www.recompile.se/mandos/mandos.pgp
(We have updated the key to not expire at all. Key expiration seemed
like a reasonable idea 10 years ago, but if 4096-bit RSA keys will ever
turn out to be insufficiently secure, we will switch to some more modern
algorithm.)
Note 1:
If you currenly keep your Mandos key in your server's trusted key list
as managed by apt-key(8), we recommend removing it using
apt-key del 153A37F10BBA0435987F2C4A72232973CA34C2C4
and then downloading the key as in the documentation at
<https://www.recompile.se/mandos#Download>, which has been updated to
use the modern methods. The apt-key command is deprecated, and keeping
the Mandos key in the list of trusted keys is no longer recommended.
Note 2.
If you currently have lines for Mandos in your /etc/apt/sources.list
file, the installation instructions at
<https://www.recompile.se/mandos#Download> have been updated to use the
new Deb822 format and a "/etc/apt/sources.list.d/mandos.sources" file
instead of the old way of editing /etc/apt/sources.list.
/Teddy Hogeborn
--
The Mandos Project
https://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 861 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20230930/961c4464/attachment.sig>
More information about the Mandos-Dev
mailing list