On Fri, Oct 10, 2014 at 11:55 AM, Mark Felder <[email protected]> wrote: > > > On Fri, Oct 10, 2014, at 14:47, Bryan Drewery wrote: >> On 10/10/2014 1:12 PM, [email protected] wrote: >> > On Fri, 10 Oct 2014 12:57:42 -0500, Brian Drewery wrote: >> > >> >> find /usr/share/keys/pkg -exec sha256 {} + >> > >> > No such file >> >> That's your problem. You are missing the signature fingerprints to >> compare against. As such Pkg is refusing to do anything to prevent MITM >> attacks. >> >> You are missing this: >> https://www.freebsd.org/security/advisories/FreeBSD-EN-14:03.pkg.asc >> >> freebsd-update can provide it. > > Ahh, good point. This is better advice. Even if your system was > supposedly fully up to date freebsd-update would detect this is missing > and repair it as it was part of an SA. This is better advice than my > manual creation method :-)
I'm glad that Mark managed to get an answer to this question. But could pkg be adapted to help uninitiated users to discover this for themselves on the spot? Royce _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[email protected]"
