Verification of Package Files When Using Sources.List.

Matthew pumpkin at
Sun Jan 2 22:33:48 UTC 2011

  I did post this before in November but got no responses.  Hopefully this 
wasn't because the question was so dumb.


My /etc/apt/sources.list contains:

deb lucid  main

In the "authentication" section of my "software sources" I have a archive signing key dated 2009-09-04 with a value 886DDD89.

I was looking at the page which explains how to verify signatures for 

If one is not directly downloading but using the sources.list file is the 
"authentication" section adequate to verify the validity of the downloads?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the tor-talk mailing list