[Cryptech Core] Debian packages for the Novena, what next?

Basil Dolmatov dol at reedcat.net
Wed Jul 8 08:07:01 UTC 2015


Agree! 

dol@ с iPad

> 8 июля 2015 г., в 10:28, Leif Johansson <leifj at sunet.se> написал(а):
> 
>> On 2015-07-08 03:19, Randy Bush wrote:
>> Yay!!!
>> 
>> Oh Jakob!
> 
> yikes! packages...  already?!? this is way beyond what I hoped we'd be
> able to achieve before Prague
> 
> Fantastic work!!!
> 
>> 
>> randy, please excuse tiPos
>> 
>>> On Jul 7, 2015, at 18:16, Rob Austein <sra at hactrn.net> wrote:
>>> 
>>> We have Debian packages.  They seem to work, and one can install them
>>> using apt-get.  Preliminary instructions below, eventually (ie, before
>>> the Prague workshop) these should go on the Wiki.
>>> 
>>> So in theory we now have PKCS #11 code for the Novena packaged so
>>> people can install it.  Do we have a signer to run on top of this yet?
>>> 
>>> ===
>>> 
>>> How to configure a Novena PVT-1 running Debian Wheezy to pull packages
>>> from the Cryptech Project APT repository.
>>> 
>>> ***** Installation *****
>>> 
>>> * Add the GPG public key (current one is temporary with a very short
>>> lifetime, will replace it with something better before Prague):
>>> 
>>> $ wget -q -O - https://apt.cryptech.is/novena/apt-gpg-key.asc | sudo apt-key add -
>>> 
>>> Or, for the tinfoil-inclined:
>>> 
>>> $ wget https://apt.cryptech.is/novena/apt-gpg-key.asc
>>> 
>>> [Do something here to reassure yourself that it's a good key]
>>> 
>>> $ sudo apt-key add apt-gpg-key.asc
>>> 
>>> For this week's temporary key, the best assurance you're likely to
>>> get will be downloading the key via HTTPS using a program (browser,
>>> wget, ...) that knows about the HACTRN Certificate Authority.
>>> 
>>> In the longer run (ie, by the time we get to Prague) the
>>> (replacement) key should be properly signed so you can verify it via
>>> the web of trust.  We'll probably want to hold a quick signing party.
>>> 
>>> See the apt-key(8) manual page for more information about the APT
>>> key database, including how to remove keys you don't want anymore.
>>> 
>>> * Configure APT to use this repository:
>>> 
>>> $ sudo wget -q -O /etc/apt/sources.list.d/novena.list http://apt.cryptech.is/novena/sources.list
>>> 
>>> * Update available packages and install the cryptech-novena packages: 
>>> 
>>> $ sudo apt-get update
>>> $ sudo apt-get install cryptech-novena-rtl
>>> 
>>> I haven't (yet) built a meta-package, but the -rtl package depends
>>> on the -sw package, so installing the -rtl package will get both.
>>> 
>>> ***** Upgrading *****
>>> 
>>> Once you've performed the steps above you should be able to upgrade to newer
>>> version of the code using the normal APT upgrade process, eg:
>>> 
>>> $ sudo apt-get update
>>> $ sudo apt-get upgrade
>>> _______________________________________________
>>> Core mailing list
>>> Core at cryptech.is
>>> https://lists.cryptech.is/listinfo/core
>> _______________________________________________
>> Core mailing list
>> Core at cryptech.is
>> https://lists.cryptech.is/listinfo/core
>> 
> 
> 
> _______________________________________________
> Core mailing list
> Core at cryptech.is
> https://lists.cryptech.is/listinfo/core



More information about the Core mailing list