On Tue, Oct 25, 2011 at 11:15 AM, Steve Holmes <steve.holmes88@gmail.com> wrote:
On Tue, Oct 25, 2011 at 03:00:50PM +0200, fredbezies wrote:
In /etc/pacman.conf, uncomment :
SigLevel = Optional TrustAll
Yeah, I saw that and understand that is appropriate for local packages. But now that I uncomment it, what if I want to tighten up the sig tests in the future. How does one correct the errors. In this current situation, it appears that this signature verification stuff doesn't work. What am I missing?
At least at the moment, I can go ahead and upgrade these 126 packages:).
If you want to tighten up, you should use TrustedOnly, instead of TrusAll. That would only consider as valid a signature whose key is present in pacman's keyring and also either signed explicitly by you or trusted by a key from someone you already trusts. The latter is what OpenPGP calls Web of Trust (you can read about it on the web, it's a very interesting subject) I didn't understand what you mean by "correct the errors" and "signature verification stuff doesn't work". Would you mind to elaborate on that? -- A: Because it obfuscates the reading. Q: Why is top posting so bad? ------------------------------------------- Denis A. Altoe Falqueto Linux user #524555 -------------------------------------------