何时开始支持最后两个版本用于迁移目的?
何时开始支持最后两个版本用于迁移目的?
提问于 2019-04-28 01:03:03
今天我在玩Debian的安装,发现了一件有趣的事情。如果我这么做的话。
$ apt-key list
/etc/apt/trusted.gpg
--------------------
pub rsa4096 2019-04-15 [SC] [expires: 2024-04-13]
12D4 CD60 0C22 40A9 F4A8 2071 D7B0 B669 41D0 1538
uid [ unknown] riot.im packages
sub rsa3072 2019-04-15 [S] [expires: 2021-04-14]
pub rsa4096 2019-04-15 [SC] [expires: 2024-04-13]
AAF9 AE84 3A75 84B5 A3E4 CD2B CF45 A512 DE2D A058
uid [ unknown] matrix.org packages
sub rsa3072 2019-04-15 [S] [expires: 2021-04-14]
pub rsa4096 2017-05-22 [SC] [expires: 2025-05-20]
E1CF 20DD FFE4 B89E 8026 58F1 E0B1 1894 F66A EC98
uid [ unknown] Debian Archive Automatic Signing Key (9/stretch)
sub rsa4096 2017-05-22 [S] [expires: 2025-05-20]
pub rsa4096 2014-11-21 [SC] [expires: 2022-11-19]
D211 6914 1CEC D440 F2EB 8DDA 9D6D 8F6B C857 C906
uid [ unknown] Debian Security Archive Automatic Signing Key (8/jessie)
/etc/apt/trusted.gpg.d/debian-archive-buster-automatic.gpg
----------------------------------------------------------
pub rsa4096 2019-04-14 [SC] [expires: 2027-04-12]
80D1 5823 B7FD 1561 F9F7 BCDD DC30 D7C2 3CBB ABEE
uid [ unknown] Debian Archive Automatic Signing Key (10/buster)
sub rsa4096 2019-04-14 [S] [expires: 2027-04-12]
/etc/apt/trusted.gpg.d/debian-archive-buster-security-automatic.gpg
-------------------------------------------------------------------
pub rsa4096 2019-04-14 [SC] [expires: 2027-04-12]
5E61 B217 265D A980 7A23 C5FF 4DFA B270 CAA9 6DFA
uid [ unknown] Debian Security Archive Automatic Signing Key (10/buster)
sub rsa4096 2019-04-14 [S] [expires: 2027-04-12]
/etc/apt/trusted.gpg.d/debian-archive-buster-stable.gpg
-------------------------------------------------------
pub rsa4096 2019-02-05 [SC] [expires: 2027-02-03]
6D33 866E DD8F FA41 C014 3AED DCC9 EFBF 77E1 1517
uid [ unknown] Debian Stable Release Key (10/buster) 当我使用时,我很好奇为什么它会有jessie和弹力键。在上面这两把钥匙-
pub rsa4096 2017-05-22 [SC] [expires: 2025-05-20]
E1CF 20DD FFE4 B89E 8026 58F1 E0B1 1894 F66A EC98
uid [ unknown] Debian Archive Automatic Signing Key (9/stretch)
sub rsa4096 2017-05-22 [S] [expires: 2025-05-20]
pub rsa4096 2014-11-21 [SC] [expires: 2022-11-19]
D211 6914 1CEC D440 F2EB 8DDA 9D6D 8F6B C857 C906
uid [ unknown] Debian Security Archive Automatic Signing Key (8/jessie) 我用-
$ sudo apt-key del E1CF20DDFFE4B89E802658F1E0B11894F66AEC98以及-
$ sudo apt-key del D21169141CECD440F2EB8DDA9D6D8F6BC857C906当两个键都被删除时,我得到了pub键错误。
$ sudo apt update
Hit:1 http://cdn-fastly.deb.debian.org/debian buster InRelease
Err:1 http://cdn-fastly.deb.debian.org/debian buster InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
Hit:2 http://cdn-fastly.deb.debian.org/debian-security buster/updates InRelease
Err:2 http://cdn-fastly.deb.debian.org/debian-security buster/updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY AA8E81B4331F7F50
Hit:3 http://cdn-fastly.deb.debian.org/debian unstable InRelease
Err:3 http://cdn-fastly.deb.debian.org/debian unstable InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
Hit:4 http://cdn-fastly.deb.debian.org/debian experimental InRelease
Err:4 http://cdn-fastly.deb.debian.org/debian experimental InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
Hit:5 http://debug.mirrors.debian.org/debian-debug buster-debug InRelease
Err:5 http://debug.mirrors.debian.org/debian-debug buster-debug InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
Hit:6 http://debug.mirrors.debian.org/debian-debug unstable-debug InRelease
Hit:7 http://debug.mirrors.debian.org/debian-debug experimental-debug InRelease
Err:6 http://debug.mirrors.debian.org/debian-debug unstable-debug InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
Err:7 http://debug.mirrors.debian.org/debian-debug experimental-debug InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
Hit:8 https://packages.riot.im/debian buster InRelease
Reading package lists... Done
Building dependency tree
Reading state information... Done
3 packages can be upgraded. Run 'apt list --upgradable' to see them.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://cdn-fastly.deb.debian.org/debian buster InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://cdn-fastly.deb.debian.org/debian-security buster/updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY AA8E81B4331F7F50
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://cdn-fastly.deb.debian.org/debian unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://cdn-fastly.deb.debian.org/debian experimental InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://debug.mirrors.debian.org/debian-debug buster-debug InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://debug.mirrors.debian.org/debian-debug unstable-debug InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://debug.mirrors.debian.org/debian-debug experimental-debug InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
W: Failed to fetch http://cdn-fastly.deb.debian.org/debian/dists/buster/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
W: Failed to fetch http://cdn-fastly.deb.debian.org/debian-security/dists/buster/updates/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY AA8E81B4331F7F50
W: Failed to fetch http://cdn-fastly.deb.debian.org/debian/dists/unstable/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
W: Failed to fetch http://cdn-fastly.deb.debian.org/debian/dists/experimental/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
W: Failed to fetch http://debug.mirrors.debian.org/debian-debug/dists/buster-debug/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
W: Failed to fetch http://debug.mirrors.debian.org/debian-debug/dists/unstable-debug/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453EC
W: Failed to fetch http://debug.mirrors.debian.org/debian-debug/dists/experimental-debug/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY 04EE7237B7D453E我的/etc/apt/sources.list .列表是-
$ cat /etc/apt/sources.list
#### Debian buster #########
deb http://cdn-fastly.deb.debian.org/debian/ buster main contrib non-free
deb-src http://cdn-fastly.deb.debian.org/debian buster main contrib non-free
deb http://cdn-fastly.deb.debian.org/debian-security buster/updates main
deb-src http://cdn-fastly.deb.debian.org/debian-security buster/updates main
#### Debian unstable #########
deb http://cdn-fastly.deb.debian.org/debian unstable main contrib non-free
deb-src http://cdn-fastly.deb.debian.org/debian unstable main contrib non-free
#### Debian experimental #########
deb http://cdn-fastly.deb.debian.org/debian experimental main contrib
deb-src http://cdn-fastly.deb.debian.org/debian experimental main contrib
##### Debian Debug packages #######
deb http://debug.mirrors.debian.org/debian-debug/ buster-debug main
deb http://debug.mirrors.debian.org/debian-debug/ unstable-debug main
deb http://debug.mirrors.debian.org/debian-debug/ experimental-debug main
######## Third party repos #######
deb https://riot.im/packages/debian/ buster main并且必须使用gpg导入它们(我知道它不安全,但必须这样做-)
# gpg --recv-keys AA8E81B4331F7F50
gpg: key EDA0D2388AE22BA9: 11 signatures not checked due to missing keys
gpg: key EDA0D2388AE22BA9: public key "Debian Security Archive Automatic Signing Key (9/stretch) " imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1然后-
# gpg --export AA8E81B4331F7F50 | apt-key add
OK我很想知道什么时候开始用最新的钥匙来支持旧版本的签名?这是最近的现象,还是很旧的现象?我是说它是在Etch (4.0)还是以后做的?
更新-它开始作为一个Strech安装,i.9,现在有破坏者。
至于另一个问题:/etc/apt/受托人.gpg.d/ As -
/etc/apt/trusted.gpg.d/debian-archive-buster-automatic.gpg
----------------------------------------------------------
pub rsa4096 2019-04-14 [SC] [expires: 2027-04-12]
80D1 5823 B7FD 1561 F9F7 BCDD DC30 D7C2 3CBB ABEE
uid [ unknown] Debian Archive Automatic Signing Key (10/buster)
sub rsa4096 2019-04-14 [S] [expires: 2027-04-12]
/etc/apt/trusted.gpg.d/debian-archive-buster-security-automatic.gpg
-------------------------------------------------------------------
pub rsa4096 2019-04-14 [SC] [expires: 2027-04-12]
5E61 B217 265D A980 7A23 C5FF 4DFA B270 CAA9 6DFA
uid [ unknown] Debian Security Archive Automatic Signing Key (10/buster)
sub rsa4096 2019-04-14 [S] [expires: 2027-04-12]
/etc/apt/trusted.gpg.d/debian-archive-buster-stable.gpg
-------------------------------------------------------
pub rsa4096 2019-02-05 [SC] [expires: 2027-02-03]
6D33 866E DD8F FA41 C014 3AED DCC9 EFBF 77E1 1517
uid [ unknown] Debian Stable Release Key (10/buster) 回答 1
Unix & Linux用户
回答已采纳
发布于 2019-04-28 16:36:55
ftp主版每次发布一次的签名在ftp-master.debian.org中描述:
哪一个版本应该用哪个密钥签名?稳定版本由在发布时使用的ftp主自动存档签名密钥和每次发布的稳定密钥进行签名。其他版本的发布文件(建议的更新、测试、测试-建议的更新、不稳定的和实验性的)只由ftp主自动密钥签名。安全存档仅由ftp主密钥签名。目前的程序是,每个发行版都有一个ftp主密钥(以前的过程每年推出一次新密钥)。
至于archive.org可以追溯到2009年,情况就是这样,包括蚀刻发布:
目前的程序是,每个发行版都有一个ftp主密钥(以前的过程每年推出一次新密钥)。存档密钥活动签名密钥当前(2007/蚀刻)密钥可以是在这里下载
它似乎与创建用于蚀刻的包debian-archive-keyring有关,其中包括您删除的文件,其中apt 取决于蚀刻:
(closes:#386800)apt (0.6.46.2) unstable; urgency=low* debian/control:- depend on debian-archive-keyring to offer clean upgrade pathD13
页面原文内容由Unix & Linux提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://unix.stackexchange.com/questions/515937
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号