[R-sig-Debian] Secure apt

Scott Raynaud scott.raynaud at yahoo.com
Mon Mar 19 21:45:45 CET 2012


Things look a little different when I try to do this from my 
virtual machine at work.  When I remove the 11371 an
conduct the search again I get:

xt/html; charset=UTF-8
Age: 47
X-Cache: HIT from boquila.canonical.com
X-Cache-Lookup: HIT from boquila.canonical.com:11371
Via: 1.0 boquila.canonical.com:11371 (squid/2.7.STABLE7), 1.0 localhost.localdomain
Date: Mon, 19 Mar 2012 19:23:16 GMT
Content-Length: 139

<html><head><title>Page not found</title></head>
<body><h1>Page not found</h1>Page not found: /var/lib/sks/www/favicon.ico</body></html>
HTTP/1.1 200 OK
Server: sks_www/1.0.10
Content-Type: text/html; charset=UTF-8
Age: 53
X-Cache: HIT from boquila.canonical.com
X-Cache-Lookup: HIT from boquila.canonical.com:11371
Via: 1.0 boquila.canonical.com:11371 (squid/2.7.STABLE7), 1.0 localhost.localdomain
Date: Mon, 19 Mar 2012 19:23:27 GMT
Content-Length: 1903

<html><head><title>Public Key Server -- Get ``0x51716619e084dab9 ''</title></head>
<body><h1>Public Key Server -- Get ``0x51716619e084dab9 ''</h1>
<pre>
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.0.10


-----END PGP PUBLIC KEY BLOCK-----
</pre>
</body></html>


where the key string appear between the 
begin and end statements.  Should I put
all or part of this into the key.txt file? 

 
----- Original Message -----
From: Ian Gow <iandgow at gmail.com>
To: Scott Raynaud <scott.raynaud at yahoo.com>
Cc: Dirk Eddelbuettel <edd at debian.org>; "r-sig-debian at r-project.org" <r-sig-debian at r-project.org>
Sent: Sunday, March 18, 2012 12:50 PM
Subject: Re: [R-sig-Debian] Secure apt

The whole thing if I recall correctly. 

Sent from my iPhone

On Mar 18, 2012, at 1:19 PM, Scott Raynaud <scott.raynaud at yahoo.com> wrote:

> Ian:
> 
> Thanks.  When I click on the first hyperlink for E084DAB9 
> 
> I get a file that looks like this:
> Public Key Server -- Get ``0x51716619e084dab9 ''
> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: SKS 1.0.10
> 
> 
> 
> -----END PGP PUBLIC KEY BLOCK-----
> 
> with a long string of characters in between 
> the BEGIN and END lines.  Can you confirm
> which part of this I need to include in my 
> text file?
> 
> Thanks.
> 
> 
> 
> 
> 
> ----- Original Message -----
> From: Ian Gow <iandgow at gmail.com>
> To: Dirk Eddelbuettel <edd at debian.org>
> Cc: Scott Raynaud <scott.raynaud at yahoo.com>; "r-sig-debian at r-project.org" <r-sig-debian at r-project.org>
> Sent: Sunday, March 18, 2012 9:51 AM
> Subject: Re: [R-sig-Debian] Secure apt
> 
> Scott:
> 
> I have the same issue with the firewall.
> 
> My experience is that, after following Dirk's directions on the CRAN page for Debian/Ubuntu (http://cran.r-project.org/bin/linux/ubuntu/), sometimes the web search gets returned with :11371 embedded in the URL and that gets blocked too. My low-tech solution is as follows. 
> 
> After I go to http://keyserver.ubuntu.com and do a search, I get:
> 
> http://keyserver.ubuntu.com:11371/pks/lookup?search=rutter%2C+michael&op=vindex
> 
> So I edit out the 11371 to get
> 
> http://keyserver.ubuntu.com/pks/lookup?search=rutter%2C+michael&op=vindex
> 
> and from that I get a webpage looking like the text below (with hyperlinks for each "E084DAB9"). I can then click the top link, save the result as key.txt and then follow the directions on the CRAN Debian/Ubuntu page above.
> 
> (My previous low-low-tech solution was to pull up the page on my iPhone--with WiFi off--and email the text to myself. But the merely low-tech approach is less painful.)
> 
> -Ian
> 
> Result for http://keyserver.ubuntu.com/pks/lookup?search=rutter%2C+michael&op=vindex:
> 
> Search results for 'rutter michael'
> 
> Type bits/keyID    cr. time  exp time  key expir
> 
> pub  2048R/E084DAB9 2010-10-19            
> 
> uid Michael Rutter <marutter at gmail.com>
> sig  sig3  E084DAB9 2010-10-19 __________ 2015-10-18 [selfsig]
> 
> sub  2048R/1CFF3E8F 2010-10-19            
> sig sbind  E084DAB9 2010-10-19 __________ 2015-10-18 []
> 
> 
> 
> On Mar 18, 2012, at 9:39 AM, Dirk Eddelbuettel wrote:
> 
>> 
>> On 18 March 2012 at 06:25, Scott Raynaud wrote:
>> | I am trying to add Michael Rutter's ppa to my
>> | repository.  I cannot do this from the command
>> | line.  I think I may be behind a firewall so copying
>> | the key to a text file is my best option.  When I
>> | search for the key at 
>> | 
>> | http://keyserver.ubuntu.com:11371/
>> | 
>> | the search fails.  Tried typing and 
>> | cutting and pasting E084DAB9 into 
>> | the search box without success.  How 
>> | can I get the key?
>> 
>> By reading up on the underlying 'web of trust' initially built around PGP,
>> and later GPG which is used here too.  The idiomatic approach is to do a 
>> 'gpg --search ....' where you also need to specify a server:
>> 
>>  edd at max:~$ gpg --keyserver pgp.mit.edu --search-key E084DAB9 
>>  gpg: searching for "E084DAB9" from hkp server pgp.mit.edu
>>  (1)    Michael Rutter <marutter at gmail.com>
>>            2048 bit RSA key E084DAB9, created: 2010-10-19
>>  Keys 1-1 of 1 for "E084DAB9".  Enter number(s), N)ext, or Q)uit > n
>>  Enter number(s), N)ext, or Q)uit > 1
>>  gpg: requesting key E084DAB9 from hkp server pgp.mit.edu
>>  gpg: key E084DAB9: public key "Michael Rutter <marutter at gmail.com>" imported
>>  gpg: Total number processed: 1
>>  gpg:              imported: 1  (RSA: 1)
>>  edd at max:~$ 
>> 
>> 
>> Dirk
>> 
>> -- 
>> "Outside of a dog, a book is a man's best friend. Inside of a dog, it is too
>> dark to read." -- Groucho Marx
>> 
>> _______________________________________________
>> R-SIG-Debian mailing list
>> R-SIG-Debian at r-project.org
>> https://stat.ethz.ch/mailman/listinfo/r-sig-debian




More information about the R-SIG-Debian mailing list