Differences between revisions 16 and 17
Revision 16 as of 2008-04-08 08:54:27
Size: 3339
Comment: fix link to SecurityManagement
Revision 17 as of 2009-03-16 03:36:53
Size: 3331
Editor: anonymous
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 62: Line 62:
See the [:SecurityManagement:security page] for information about keeping your Debian install secure. See the [[SecurityManagement|security page]] for information about keeping your Debian install secure.
Line 67: Line 67:
 * [wiki:Status The Status page]
 * [wiki:Status/Stable Status of Stable]
 * [wiki:Status/Unstable Status of Unstable]
 * [[Status|The Status page]]
 * [[Status/Stable|Status of Stable]]
 * [[Status/Unstable|Status of Unstable]]

Current Issues Affecting Testing

fglrx driver in testing is broken

For more info, see

apt key problems

I believe you can now resolve this for official Debian repositories by simply installing the debian-archive-keyring package.

Here is something that is going on: an apt update now gives: W: GPG error: http://http.us.debian.org testing Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 010908312D230C5F

I had a pubkey installed for testing yesterday. Now what? --JoshuaRodman

This email from JoeyHess might be relevant: http://lists.debian.org/debian-user/2006/01/msg00291.html

If you encounter following kind of warning (when running apt-get update) :

W: GPG error: ftp://ftp.belnet.be testing Release: The following signatures couldn't be veri ailable: NO_PUBKEY 010908312D230C5F

Follow the procedure below :

# open console terminal, type su and root password # gpg --keyserver wwwkeys.eu.pgp.net --recv-keys 2D230C5F # gpg --armor --export 2D230C5F | apt-key add - # apt-get update

If you encounter following kind of warning (when running apt-get update) :

W: GPG error: http://secure-testing.debian.net etch/security-updates Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 946AA6E18722E71E W: You may want to run apt-get update to correct these problems

Follow the procedure below :

# Open console terminal, type su and root password # wget http://secure-testing.debian.net/ziyi-2005-7.asc -O - | apt-key add - # apt-get update

If you have other sources in sources.list file, you can get the key for them in a similar manner, just look for the key number in the error message. --?JanJansen

  • Okay, although I don't like the release key being in root's keyring. But what I can't find anywhere is information on how I (as user, not a knoweledgable Debian Developer), can validate or trust the release key. --JoshuaRodman

Security

There is security support for lenny, but in general it cannot be expected to be of the same quality as for stable:

  • Updates for testing-security usually get less testing than updates for stable-security.
  • Updates for embargoed issues take longer because the testing security team does not have access to embargoed information.
  • Testing is changing all the time which increases the likelyhood of problems with the build infrastructure. Such problems can delay security updates in testing.

In order to have a secure lenny installation, you must update your system on a regular basis. The majority of security fixes gets into testing from unstable. Additionally, you need your SourcesList to include:

The older http://security-testing-master.debian.net URLs are no longer functional.

See the security page for information about keeping your Debian install secure.