![]() None of this is new in secure apt, but it does provide the foundation. If apt fails at either of these steps, it will abort. And when it downloads an individual package, it can also check its checksum against the content of the Packages file. These two checksums allow apt to verify that it has downloaded a correct copy of the Packages file, with a checksum that matches the one in the Release file. Now if we look inside a Packages file, we'll find more checksums, one for each package listed in it. Among other things, the Release file contains some checksums of other files in the archive. Incidentally, both files are provided by the debian-archive-keyring package.Ī Debian archive contains a Release file, which is updated each time any of the packages in the archive change. For example, that directory could contain the following files: debian-archive-squeeze-automatic.gpg or debian-archive-wheezy-automatic.gpg. ![]() In more recent Debian GNU/Linux versions (Wheezy, for example), the keyrings are stored in specific files all located in the /etc/apt/ directory. ![]() apt-key can be used to show the keys in the keyring, and to add or remove a key. The keyring is kept in the file /etc/apt/trusted.gpg (not to be confused with the related but not very interesting /etc/apt/trustdb.gpg). However care should be taken with key IDs, especially the short 8 character ID as it is possible to generate collisions.Īpt currently uses gpg as the OpenPGP implementation to verify signatures.Īpt-key is a program that is used to manage a keyring of OpenPGP keys for secure apt. 256 or more hex digits and preferably a lot more), and to make them easier to work with they have a key id, which is a shorter, 8 or 16 digit number that can be used to refer to them. These keys are quite long numbers (at least 1024 bits, i.e. Anyone who doesn't have the private key can't forge such a signature. If a private key is used to sign a file, then anyone who has the public key can check that the file was signed by that key. It's also possible to use a private key to sign a file, not encrypt it. Anyone possessing the public key can encrypt a message so that it can only be read by someone possessing the private key. The public key is given out to the world the private key must be kept a secret. Public key cryptography is based on pairs of keys, a public key and a private key. APT was originally designed around MD5 but people have since managed to construct collisions and so support for newer hash functions has been added. Here are a few basic concepts that you'll need to understand for the rest of this document.Ī secure hash function (a type of checksum) is a method of taking a file and boiling it down to a reasonably short number that will uniquely identify the content of the file, even if people are deliberately trying to create a pair of different files with the same checksum or create a new file that matches a previous checksum.
0 Comments
Leave a Reply. |