Op zondag 18 december 2005 10:50, schreef MJang: > Folks, > > per http://www.opensuse.org/Additional_YaST_Package_Repositories, > there's a bit of a warning: > > YaST fully trusts installation sources and does not perform any kind of > authenticity verification on the contained packages. So be careful when > adding installation sources on the Internet. > > I guess that means there's no GPG key for other installation sources. > > Is there any other way to verify installation sources, such as Packman > or Guru, or even the standard mirrors listed at > http://www.novell.com/products/suselinux/downloads/ftp/int_mirrors.html, > or am I just being paranoid?
You can use apt. It check each package on each gpg key. Further more it is easy to obtain the gpg keys. More about it on http://linux01.gwdg.de/apt4rpm However, suse is moving into yum and smartpm... -- Richard Bos Without a home the journey is endless --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
