On Fri, Dec 29, 2006 at 11:01:00AM +0100, Florian Kulzer wrote: > On Thu, Dec 28, 2006 at 23:14:23 +0000, Digby Tarvin wrote: > > [...] > > > I'm still stuck with the big red warning box complaining about the > > missing public key for multimedia.org after an update, and I'm still > > not clear if this is normal and expected (which would be annoying), or > > something specific to me (which would be worrying). > > > > If it is the former, I would have thought it would be better to > > just have some way of just not signing packages rather than signing > > with a key that can't be checked. > > Marillat's key is not part of the debian-archive-keyring package, > therefore it is not added to apt's trusted keys automatically. You can > download it from the usual public key servers or you can take it from > the debian-keyring package. The latter method is more secure because the > integrity of the debian-keyring package is checked by apt before > installation. Once this package is installed you can run > > gpg --no-default-keyring --keyring /usr/share/keyrings/debian-keyring.gpg -a > --export 07DC563D1F41B907 | sudo apt-key add - > > (The first two options make sure that the key is taken from the Debian > keyring; the rest tells gpg to export the key in ASCII-armored format, > which can be piped to apt-key directly.)
Ah - that did it. I already had the debian-keyring package installed, but didn't realise that last step was necessary to make the required key visible to apt... Thanks, DigbyT -- Digby R. S. Tarvin digbyt(at)digbyt.com http://www.digbyt.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]