Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Question about gpg in make.conf features [Closed]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Portage & Programming
View previous topic :: View next topic  
Author Message
bibl4
n00b
n00b


Joined: 07 Jan 2005
Posts: 26
Location: Switzerland

PostPosted: Mon Nov 06, 2006 5:50 pm    Post subject: Question about gpg in make.conf features [Closed] Reply with quote

Dear all

I would like to activate 'gpg' FEATURE in make.conf
I tried to get gentoo.gpg at http://dev.gentoo.org/~carpaski/gpg without success (page not found error)
Accordingly gentoo developpers list, carpaski seems to have left gentoo...
I furthermore tryied to find any tips about finding the missing file without any success (documentation and forums).

Q1: I noticed gpg feature is experimental. But is it still available, useable, up to date (i.e: status) ?
Q2: How do a user get the gentoo.gpg keys ?
Q3: Is there any documentation about using this feature (no PORTAGE_GPG_[KEY|DIR] variable
referenced either in make.conf or portage manual) ?

Many thank's for your tips
Kindest regards
bib


Last edited by bibl4 on Fri Nov 17, 2006 11:30 am; edited 1 time in total
Back to top
View user's profile Send private message
PMcCauley
Apprentice
Apprentice


Joined: 14 Mar 2006
Posts: 283
Location: Alberta, Canada

PostPosted: Mon Nov 06, 2006 6:21 pm    Post subject: Reply with quote

Hey bibl4, looks like you can emerge gnupg. Here's the guides I found.

http://gentoo-wiki.com/HOWTO_GnuPG
http://www.gentoo.org/doc/en/gnupg-user.xml
http://gentoo-wiki.com/HOWTO_Encrypted_Backup_System_Using_Bacula_and_GnuPG

Good luck,


Patrick
Back to top
View user's profile Send private message
kadeux
Tux's lil' helper
Tux's lil' helper


Joined: 21 Nov 2005
Posts: 103

PostPosted: Tue Nov 07, 2006 1:47 am    Post subject: Re: Question about gpg in make.conf features Reply with quote

bibl4 wrote:

Q2: How do a user get the gentoo.gpg keys ?

/usr/lib/portage/bin/portage_gpg_update.sh

HTH
Back to top
View user's profile Send private message
Genone
Retired Dev
Retired Dev


Joined: 14 Mar 2003
Posts: 9501
Location: beyond the rim

PostPosted: Tue Nov 07, 2006 1:21 pm    Post subject: Reply with quote

Don't use it. It's useless, unmaintained and likely broken.
Back to top
View user's profile Send private message
bibl4
n00b
n00b


Joined: 07 Jan 2005
Posts: 26
Location: Switzerland

PostPosted: Tue Nov 07, 2006 1:54 pm    Post subject: Reply with quote

After having reworked portage setup with gpg till i could run an 'emerge --info' without troubles,
i got the tip of genone :? ...
End of the story (you may have a look on the developper list if you don't belive it)
Anyway many thanks to all of you for your tips
Back to top
View user's profile Send private message
kadeux
Tux's lil' helper
Tux's lil' helper


Joined: 21 Nov 2005
Posts: 103

PostPosted: Wed Nov 08, 2006 2:30 am    Post subject: Reply with quote

Some statistics for my desktop computer:

464 Packages installed
214 of the 464 installed Packages have a signed Manifest (approx. 46%)
39 different keys are used for signing these 214 Manifest files

Most of the software used for a server/router/firewall have a signature file on the project homepage to check the source tarball. Maybe you go that way to verify the installation data manually before emerging.
Back to top
View user's profile Send private message
Genone
Retired Dev
Retired Dev


Joined: 14 Mar 2003
Posts: 9501
Location: beyond the rim

PostPosted: Wed Nov 08, 2006 8:36 am    Post subject: Reply with quote

kadeux wrote:
Most of the software used for a server/router/firewall have a signature file on the project homepage to check the source tarball. Maybe you go that way to verify the installation data manually before emerging.

That only gives your a partial security though as you're only making sure that the primary sources are authentic. It won't protect you from malicious ebuilds or patches from a hacked rsync server (which is/was the main goal of Manifest signing). Just mentioning it so people don't get a false feeling of security when they go that way.
Back to top
View user's profile Send private message
kadeux
Tux's lil' helper
Tux's lil' helper


Joined: 21 Nov 2005
Posts: 103

PostPosted: Wed Nov 08, 2006 2:10 pm    Post subject: Reply with quote

Genone wrote:
That only gives your a partial security though as you're only making sure that the primary sources are authentic. It won't protect you from malicious ebuilds or patches from a hacked rsync server (which is/was the main goal of Manifest signing).

Agreed.
Genone wrote:
Just mentioning it so people don't get a false feeling of security when they go that way.

I've wanted to keep my last posts short, but you are right, they may be misleading. Manually checking the source tarballs additionally to manually checking the already signed Manifest files in the tree was meant as an *insufficient* alternative to the (in the current state) even more insufficient automatic checking with the gpg feature in make.conf, which is not ready yet. It was only mentioned as a piece of one layer out of more security layers that we (we = the system administrators of our own computers) could implement. And people must understand that they will *never* be 100% secure, because something like "absolute secure" does not exist in real life. The "Portage and Programming" forum may not be the right place to start a discussion about all the other security layers, so let us look at the state of portage, the portage tree and the signing of Manifest files and Portage snapshots.

If you want to check if the version of a snapshot of the portage tree on a mirror is identical to the version of the tree on the main server at a given reference time, you can use emerge-delta-webrsync to build an identical version of the signed daily portage snapshot. After syncing (and before emerging) you can check the new created tarball with the *.gpgsig and *.md5sum and *.umd5sum found on the mirrors. (You can also use emerge-webrsync and download the daily snapshot directly, but using emerge-delta-webrsync is faster and reduces the load for the mirrors). And to reduce the risk of a hacked mirror, you could download the signature and the patches from different mirrors. Of course this could not protect you from malicious files from a hacked main server. :wink:

Genone: I remember that you are involved in the discussion about a policy for handling gpg signing in portage back in 2004. Can you give some informations about possible plans or a roadmap for further implementation of this feature in the future?
Back to top
View user's profile Send private message
Genone
Retired Dev
Retired Dev


Joined: 14 Mar 2003
Posts: 9501
Location: beyond the rim

PostPosted: Wed Nov 08, 2006 2:14 pm    Post subject: Reply with quote

kadeux wrote:
Genone: I remember that you are involved in the discussion about a policy for handling gpg signing in portage back in 2004. Can you give some informations about possible plans or a roadmap for further implementation of this feature in the future?

AFAIK Robin is currently working on a new proposal for it, haven't seen anything about it though other than various questions/comments regarding the Manifest2 format/implementation. For me, I've always waited for someone to actually define and implement a key policy, but nobody ever did.
Back to top
View user's profile Send private message
bibl4
n00b
n00b


Joined: 07 Jan 2005
Posts: 26
Location: Switzerland

PostPosted: Tue Nov 14, 2006 10:23 am    Post subject: Reply with quote

Wow!
Thank's again to kadeux and genone for the incredible competent answers to my questions.
This is stuff we can work with :)
Kindest regards
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Portage & Programming All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum