Automated PPA GPG Keys
by Mez on Jun.07, 2009, under Personal
After reading Alan Pope’s recent post on installing GPG keys for PPAs easily, I thought I’d have a bit of a hack around.
Personally, I regularly add PPAs to my system, whether it be for Chromium Daily Builds, Bazaar, Gwibber, or anything else. I’ve found the most annoying thing is the installation of the GPG keys.
Now, I wouldn’t reccomend this for everyone, but, for some, it might be exactly what you’ve been looking for.
Here’s what I did:-
Firstly, I saved the Script that Alan linked to as /usr/local/bin/ppakeys and chmod’d it to 755. I then created a new file, “/etc/apt/apt.conf.d/05ppa” containing the following line
APT::Update::Pre-Invoke { "if [ -x /usr/local/bin/ppakeys ]; then /usr/local/bin/ppakeys; fi"; };
Now, every time I do a “sudo apt-get update” – it’ll check for new keys that I need, and install them as neccessary.
Magic!
<edit> Please make sure the quotes are correct if you copy and paste this!</edit>
8 Comments for this entry
11 Trackbacks / Pingbacks for this entry
-
Mantenha as chaves GPG do Launchpad sempre actualizadas! | Ubuntued
June 7th, 2009 on 2:54 pm[...] GPG Keys e o segundo blog é do Martin Meredith que, através do artigo do Alan Pope, fez o artigo Automated PPA GPG Keys. Através deste último poderei explicar como manter o seu sistema sempre actualizado ao nível de [...]
-
I’m impressed « Source Guru
June 7th, 2009 on 4:53 pm[...] Source Guru « Automated PPA GPG Keys [...]
-
ppakeysupdate: .deb para agregar / actualizar GPG Keys para PPAs de forma automática | evelio.info
June 8th, 2009 on 12:51 am[...] y de gran utilidad. Consiste en dos scripts: Launchpad Update por parte de Dominic Evans y otro más pequeño pero que le da la automatización a la cosa, por parte de Martin Meredith… esto ya no será [...]
-
Launchpad y las llaves GPG: Solución “automágica” « GNU/Linux Atelier
June 8th, 2009 on 5:46 am[...] Evans que descarga y agrega por nosotros todas las llaves públicas que no tengamos. Más tarde, Source Guru lo extendió para que se ejecute automáticamente cada vez que el sistema intente conectarse a los repositorios, [...]
-
Mantenha as chaves GPG do Launchpad sempre actualizadas!
June 8th, 2009 on 12:26 pm[...] GPG Keys e o segundo blog é do Martin Meredith que, através do artigo do Alan Pope, fez o artigo Automated PPA GPG Keys. Através deste último poderei explicar como manter o seu sistema sempre actualizado ao nível de [...]
-
Validar llaves de GPG de forma automatica « Ubuntu Life
June 8th, 2009 on 9:23 pm[...] | Source Guru Tema | Alvaro Blue for Dust Wallpaper | Foto del año [...]
-
Aggingere automaticamente le chiavi GPG dei repository Launchpad
June 9th, 2009 on 2:42 am[...] la parte più lunga, spesso, è la ricerca e l’aggiunta delle chiavi GPG. Ieri, tramite questo articolo di Source Guru, sono venuto a conoscenza di uno script che scarica ed aggiunge le chiavi dei [...]
-
Validando llaves GPG para PPAs de forma automática « Un Bioinformatiquillo
June 14th, 2009 on 10:39 am[...] buena solución la que encuentro en Source Guru, que usa un conocido script para validar automáticamente las llaves de PPAs en [...]
-
Peng’s links for Wednesday, 17 June « I’m Just an Avatar
June 17th, 2009 on 10:14 pm[...] process of getting the keys for PPA’a you’ve already added to your sources.list. And Martin Meredith took Alan’s script and may just have made it even [...]
-
LinuxLSC » Blog Archive » Solución “automágica” para las llaves GPG de Launchpad
June 29th, 2009 on 12:11 am[...] por Dominic Evans que descarga y agrega por nosotros todas las llaves públicas que no tengamos. Source Guru lo extendió para que se ejecute automáticamente cada vez que el sistema intente conectarse a los repositorios, [...]
-
SOURCES.LIST » Post Topic » Script di Dominic Evans per automatizzare l’autentificazione dei repository
November 6th, 2009 on 9:19 pm[...] come suggerito da Source Guru, se volete che ad ogni “sudo apt-get update” venga eseguito automaticamente lo script [...]
June 7th, 2009 on 3:07 am
Woah cool, thanks!
June 7th, 2009 on 4:17 am
A real secure technique
This really defeats the whole purpose of using PGP signatures to secure the repository. The script, when not hooked into apt, will be slightly more secure becuase you’ll at least have to acknowledge that a new repository has been added, or its key has changed, before installing the key. Even better would be checking each key against the trust network in your personal GPG keychain, and asking confirmation before installing the key.
June 7th, 2009 on 4:52 am
No, 05ppa must containg the following line:
APT::Update::Pre-Invoke { “if [ -x /usr/local/bin/ppakeys/ ]; then /usr/local/bin/ppakeys/launchpad-update; fi”; };
June 7th, 2009 on 8:16 am
I get
-desktop:/etc/apt/apt.conf.d$ sudo apt-get update
E: Syntax error /etc/apt/apt.conf.d/05ppa:2: Extra junk at end of file
any idea , I needed to write in the code by hand and it worked.
Thank you
June 7th, 2009 on 8:17 am
I should mention that I was copying the code from planet.ubuntu.com , maybe copying it here could have worked!
June 7th, 2009 on 10:44 am
Nice improvement Mez, like it!
June 7th, 2009 on 10:47 am
Ken, I agree, it’s not secure. But I’m happy for now to have it this way!
I believe that most PPA keys wont show up in the trust chain though
Maybe I can make some tweaks
November 6th, 2009 on 9:37 pm
Here you can find more than one script to add only missing gpg key or all gpg key: http://www.sourceslist.eu/guide/aggiungere-le-chiavi-gpg/