Re: [arch-general] pacman security when importing new keys?

On 02/12/2015 03:46 AM, Genes Lists wrote: Just FYI in case anyone else gets flaky behaviour. Be interesting to know for those that said 'n' to the import - if they got asked a second time or not. Yes, you get asked a second time. Manuel

Re: [arch-general] pacman security when importing new keys?

1 little observation - i had a network blackout (traveling) just as was asking me to ok the import. pacman exited. When i reconnected and tried again - i did not get a Y/n prompt to import - i just get error. The only way I found to proceed with any update after that was to change the key

Re: [arch-general] pacman security when importing new keys?

Ah ok, importing a key != trusted key. Only to get things sorted. Why I need to accept the import of a key manually? Am 10.02.2015 um 14:32 schrieb Daniel Micay: It already verifies the keys by default... you have to go out of your way to manually mark a key as trusted. Importing a key !=

Re: [arch-general] pacman security when importing new keys?

On 10/02/15 08:15 AM, Mike Cloaked wrote: On Tue, Feb 10, 2015 at 12:59 PM, Dennis Lange den...@lumalab.net wrote: Hi Manuel, thanks for posting this thread. I also wondered about the key from eworm. Sure he is a trusted user but accepting keys made me a little bit nervous. Is there a way

Re: [arch-general] pacman security when importing new keys?

On 10/02/15 07:59 AM, Dennis Lange wrote: Hi Manuel, thanks for posting this thread. I also wondered about the key from eworm. Sure he is a trusted user but accepting keys made me a little bit nervous. Is there a way to verify my pacman keys? Dennis It already verifies the keys by

Re: [arch-general] pacman security when importing new keys?

On Tue, Feb 10, 2015 at 12:59 PM, Dennis Lange den...@lumalab.net wrote: Hi Manuel, thanks for posting this thread. I also wondered about the key from eworm. Sure he is a trusted user but accepting keys made me a little bit nervous. Is there a way to verify my pacman keys? Dennis I guess

Re: [arch-general] pacman security when importing new keys?

Hi Manuel, thanks for posting this thread. I also wondered about the key from eworm. Sure he is a trusted user but accepting keys made me a little bit nervous. Is there a way to verify my pacman keys? Dennis Am 09.02.2015 um 22:00 schrieb Manuel Reimer: Hello, today, pacman asked me to

[arch-general] pacman security when importing new keys?

Hello, today, pacman asked me to import a new signature key. So far this was done automatically using a keys-package, which, itself, was signed with a trusted key. How is the new mechanism secured? Is the new way, to bring keys to users, prone to MITM attacks? Thanks in advance. Manuel