[Bug: 21.5-b28] authentication error when installing packages
Steve Youngs
steve at sxemacs.org
Mon Jul 23 21:00:18 EDT 2007
* zooko <zooko at zooko.com> writes:
>> Thank you for XEmacs and the packaging tool! When I execute "M-x
>> package-get-info" it says "Can't check signature: Public key nil not
>> found".
[...]
> So now I'm trying the "M-x customize-variable RET package-get-require-
> signed-base-updates RET" path.
Yep, but unless package-get.el is loaded you'll probably get an unknown
variable error. You'd be better off...
(setq package-get-require-signed-base-updates nil)
...in your ~/.xemacs/init.el
> I still think that this should be made easier.
The code attempts to set a good (note I didn't say "sane") default. It
looks for a gpg/pgp executable and if found, sets the default to
requiring signed package-index files.
If you really want to have PUI (Package User Interface) verify the
signature on the index file and you don't have the right key, then the
easiest thing is add this to your ~/.gnupg/gpg.conf...
keyserver x-hkp://pgp.mit.edu
keyserver-options auto-key-retrieve
(use whatever keyserver you like)
However, IMO, signing the package-index files and verifying them is a
waste of time. In fact, in SXEmacs, we have removed all the pgp code
From the package infrastructure.
> we might as well make unauthenticated package installation the
> default.
Yep.:-)
--
|---<Steve Youngs>---------------<GnuPG KeyID: A94B3003>---|
| SXEmacs - The only _______ you'll ever need. |
| Fill in the blank, yes, it's THAT good! |
|------------------------------------<steve at sxemacs.org>---|
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 312 bytes
Desc: not available
Url : http://lists.xemacs.org/pipermail/xemacs-beta/attachments/20070724/02b4b685/attachment.pgp
More information about the XEmacs-Beta
mailing list
