On 2012-05-07, Gasko, Peter <gaskopeter0...@postafiok.hu> wrote: >======================================================================== > FYA (I have to post here, because I can't find e-mail address to these > mirrors): > ----- > > # having install50.iso > ftp://ftp2.eu.openbsd.org/pub/OpenBSD/5.1/amd64/ install50.iso
I notified the mirror maintainer, he is fixing it. > # not having 5.1 > ftp://ftp.arcane-networks.fr/pub/OpenBSD/5.1/amd64/ > ftp://ftp.irisa.fr/pub/OpenBSD/5.1/amd64/ > ftp://ftp.bytemine.net/pub/OpenBSD/5.1/amd64/ > ftp://mirror.yongbok.net/pub/OpenBSD/5.1/amd64/ > ftp://ftp.piotrkosoft.net/pub/OpenBSD/5.1/amd64/ > ftp://ftp.lambdaserver.com/pub/OpenBSD/5.1/amd64/ At least one of these does have 5.1, and there are others which don't. I'll give them a while longer to catch up (release wasn't very long ago and it is ~120GB or so) I'll go through and start removing sites from ftp.html in a week or so if 5.1 is still missing. >======================================================================== > Question#1: What is the "/pub/OpenBSD/5.1/packages/amd64/SHA256"? Can > anyone tell? SHA256 hashes of the packages in base-64 format. Works with cksum -c. > Question#2: Can rsync work with ssh? Or just rsync? > > rsync -v -e ssh rsync://ftp5.eu.openbsd.org/OpenBSD/5.1/packages/amd64/SHA256 > . > u...@ftp5.eu.openbsd.org's password: Sure rsync can work with ssh. but do you really expect to have a login account on a public mirror to run it?! > Question#3: Why are package signings missing? > ----- > > Why aren't the packages from ex.: > "ftp2.eu.openbsd.org/pub/OpenBSD/5.1/packages/amd64/" signed? Would it > be a big deal to give out a few extra commands? :O :\ > AFAIK pkg_add checks the keys of the downloaded packages if the > package is signed (FIXME). OpenBSD doesn't do that. I'm sure this has come up on the lists already quite a few times. You can download the packages manually and check the SHA256 signatures if you like (I would suggest downloading the SHA256 file from a different mirror or ftp.openbsd.org), and the package has internal SHA256 signatures in the packing list which will detect broken transfers and corruption in-transit, but if you want more reassurance than that, build your own packages. See 'man dpb'.
