Hi Release files contain MD5, SHA1, and SHA256
hashes. Same with Packages, Packages.gz and Packages.bz2. I would like to know what hash algo is used by APT to verify authenticity of downloaded files when issuing "aptitude update" or "apt-get update" and when instaling packages and security fixes. Does it fallback to weaker algorithm, if the hash made with stronger one is not avaible? Is there a way to force APT to use only selected algorithms so APT only accepts files verified by choosen algorithms, and rejects files when required hashes are unavaible? Could you point me to specific portions of documentation that covers this issue? Man pages of apt and apt-secure , dont mention it (at least in case of lenny), and I didnt have luck in finding the answer in other places. Thanks in advance for help. ------------------------------------------------------------ Zaloguj siÄ™ i zagraj w najlepsze gry! Sprawdz >> http://linkint.pl/f2988 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/pknyoljrojbvamdyedsp@dgdz
