On Fri, 10 Oct 2014 14:47:27 -0500, you wrote: >On 10/10/2014 1:12 PM, scratch65...@att.net wrote: >> On Fri, 10 Oct 2014 12:57:42 -0500, Brian Drewery wrote: >> >>> find /usr/share/keys/pkg -exec sha256 {} + >> >> No such file > >That's your problem. You are missing the signature fingerprints to >compare against. As such Pkg is refusing to do anything to prevent MITM >attacks. > >You are missing this: >https://www.freebsd.org/security/advisories/FreeBSD-EN-14:03.pkg.asc > >freebsd-update can provide it.
Thank you for the pointer. What puzzles me is why the problem wasn't fixed for o/s versions prior to 10.0 since it was being made mandatory for those versions. That doesn't seem like good practice. _______________________________________________ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"