Is apt-check-sigs supposed to work with etch these days? Does this mean nothing works right, or am I compromised?
I get sporadic complaints from `apt-get update` as well saying that the packages are not signed with the right key. -Mark hedges-m:~# ./apt-check-sigs Checking sources in /etc/apt/sources.list: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ You should take care to ensure that the distributions you're downloading are the ones you think you are downloading, and that they are as up to date as you would expect (testing and unstable should be no more than two or three days out of date, stable-updates no more than a few weeks or a month). Source: deb http://ftp.us.debian.org/debian/ stable main non-free contrib o Origin: Debian/Debian o Suite: stable/sarge o Date: Tue, 18 Apr 2006 13:17:42 UTC o Description: Debian 3.1r2 Released 17 April 2006 * COULDN'T CHECK SIGNATURE BY KEYID: 010908312D230C5F * NO VALID SIGNATURE * PROBLEMS WITH main (OK, NOCHECK) * PROBLEMS WITH non-free (OK, NOCHECK) * PROBLEMS WITH contrib (OK, NOCHECK) Source: deb http://ftp.us.debian.org/debian/ testing main non-free contrib o Origin: Debian/Debian o Suite: testing/etch o Date: Sun, 27 Aug 2006 19:59:23 UTC o Description: Debian Testing distribution - Not Released * COULDN'T CHECK SIGNATURE BY KEYID: 010908312D230C5F * NO VALID SIGNATURE * PROBLEMS WITH main (OK, NOCHECK) * PROBLEMS WITH non-free (OK, NOCHECK) * PROBLEMS WITH contrib (OK, NOCHECK) Source: deb http://security.debian.org/ stable/updates main contrib non-free o Origin: Debian/Debian-Security o Suite: stable/sarge o Date: Mon, 28 Aug 2006 05:24:39 UTC o Description: Debian 3.1 Security Updates * COULDN'T CHECK SIGNATURE BY KEYID: 010908312D230C5F * NO VALID SIGNATURE * PROBLEMS WITH main (OK, NOCHECK) * PROBLEMS WITH contrib (OK, NOCHECK) * PROBLEMS WITH non-free (OK, NOCHECK) Source: deb http://security.debian.org/ testing/updates main contrib non-free o Origin: Debian/Debian-Security o Suite: testing/etch o Date: Mon, 28 Aug 2006 05:24:39 UTC o Description: Debian testing Security Updates * COULDN'T CHECK SIGNATURE BY KEYID: 010908312D230C5F * NO VALID SIGNATURE * PROBLEMS WITH main (OK, NOCHECK) * PROBLEMS WITH contrib (OK, NOCHECK) * PROBLEMS WITH non-free (OK, NOCHECK) Results ~~~~~~~ find: warning: you have specified the -maxdepth option after a non-option argument -type, but options are not positional (-maxdepth affects tests specified before it as well as those specified after it). Please specify options before other arguments. The following files in /var/lib/apt/lists have not been validated. This could turn out to be a harmless indication that this script is buggy or out of date, or it could let trojaned packages get onto your system. ftp.us.debian.org_debian_dists_stable_Release ftp.us.debian.org_debian_dists_stable_Release.gpg ftp.us.debian.org_debian_dists_testing_contrib_binary-i386_Packages.Inde xDiff ftp.us.debian.org_debian_dists_testing_main_binary-i386_Packages.IndexDi ff ftp.us.debian.org_debian_dists_testing_non-free_binary-i386_Packages.Ind exDiff ftp.us.debian.org_debian_dists_testing_Release ftp.us.debian.org_debian_dists_testing_Release.gpg security.debian.org_dists_stable_updates_Release security.debian.org_dists_testing_updates_Release The contents of the following files in /var/lib/apt/lists could not be validated due to the lack of a signed Release file, or the lack of an appropriate entry in a signed Release file. This probably means that the maintainers of these sources are slack, but may mean these sources are being actively used to distribute trojans. The files have been renamed to have the extension .FAILED and will be ignored by apt. ftp.us.debian.org_debian_dists_stable_main_binary-i386_Packages ftp.us.debian.org_debian_dists_stable_non-free_binary-i386_Packages ftp.us.debian.org_debian_dists_stable_contrib_binary-i386_Packages ftp.us.debian.org_debian_dists_testing_main_binary-i386_Packages ftp.us.debian.org_debian_dists_testing_non-free_binary-i386_Packages ftp.us.debian.org_debian_dists_testing_contrib_binary-i386_Packages security.debian.org_dists_stable_updates_main_binary-i386_Packages security.debian.org_dists_stable_updates_contrib_binary-i386_Packages security.debian.org_dists_stable_updates_non-free_binary-i386_Packages security.debian.org_dists_testing_updates_main_binary-i386_Packages security.debian.org_dists_testing_updates_contrib_binary-i386_Packages security.debian.org_dists_testing_updates_non-free_binary-i386_Packages -------------------- This email message is for the sole use of the intended recipient(s) and may contain privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.
