Hi Theo, On 03/27/2014 12:27 AM, Theo de Raadt wrote: >> is it possible to make pkg_add -Dunsigned the default? I have a puppet >> setup with 5.5 and some custom built packages that are not yet signed. > That's not going to happen. For your own private use, you will have to > use -Dunsigned. > > An alternative is start creating your own keys and distribute them to > your hosts (/etc/signify/keller-55-pkg.pub), then sign your custom > packages. > > You then get key benefits for both distribution and custom packages.
Well I was just looking for a quick fix. But after reading pkg_sign(1) / signify(1) this turns out to be pretty straightforward... Thanks! André
