[Cryptech Core] Updated Novena apt-get cheat sheet

Rob Austein sra at hactrn.net
Thu Jul 16 12:57:53 UTC 2015


Updated instructions.  As promised, APT signing key has been updated
with one intended to last a few years: 4096 bit RSA, packages are
signed using a subkey so that the master private key doesn't need to
be on the server, public key signed by me and uploaded to public key
servers.  Probably would be a good idea to get a few more signatures
on the key, we can deal with that tomorrow.

-------------- next part --------------
Updated cheat sheet on configuring a Novena PVT-1 running Debian
Wheezy to pull packages from the Cryptech Project APT repository.

***** Installation *****

* Add the GPG public key (current one is temporary with a very short
  lifetime, will replace it with something better before Prague):

  $ wget -q -O - https://apt.cryptech.is/novena/apt-gpg-key.asc | sudo apt-key add -

  Or, for the tinfoil-inclined:

  $ wget https://apt.cryptech.is/novena/apt-gpg-key.asc

    [Do something here to test that it's a good key]

  $ sudo apt-key add apt-gpg-key.asc

  Or, for the tin-foil inclined who use GPG enough to know how to
  verify keys properly via the web of trust:

  $ id=37A8E93F5D7E7B9A
  $ gpg --recv-key $id
  $ gpg --check-sig $id
  $ gpg --export $id | sudo apt-key add -

  See the apt-key(8) manual page for more information about the APT
  key database, including how to remove keys you don't want anymore.

* Configure APT to use this repository:

  $ sudo wget -q -O /etc/apt/sources.list.d/novena.list http://apt.cryptech.is/novena/sources.list

* Update available packages and install the cryptech-novena packages: 

  $ sudo apt-get update
  $ sudo apt-get install cryptech-novena

***** Upgrading *****

Once you've performed the steps above you should be able to upgrade to newer
version of the code using the normal APT upgrade process, eg:

  $ sudo apt-get update
  $ sudo apt-get upgrade


More information about the Core mailing list