You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jul 10, 2022. It is now read-only.
APT has deprecated SHA1 signatures on repositories since version 1.2.7. Right now it's only a warning when downloading packages from a SHA1-signed repository, but starting in January 2017 it will become an error.
GPG signs using SHA1 by default, but can be configured to sign using SHA256. This should be the default on deb-s3 to avoid issues in the future. SHA256 has been supported in APT since version 0.7.7 (October 2007) so it should be safe to set as default.
To sign with SHA256 right now, the following option can be used: --gpg-options='--digest-algo SHA256'
The text was updated successfully, but these errors were encountered:
I spent several hours chasing this down today and while this is not the fault of deb-s3 I think making this the default would go a long way toward helping others avoid this.
APT has deprecated SHA1 signatures on repositories since version 1.2.7. Right now it's only a warning when downloading packages from a SHA1-signed repository, but starting in January 2017 it will become an error.
GPG signs using SHA1 by default, but can be configured to sign using SHA256. This should be the default on deb-s3 to avoid issues in the future. SHA256 has been supported in APT since version 0.7.7 (October 2007) so it should be safe to set as default.
To sign with SHA256 right now, the following option can be used:
--gpg-options='--digest-algo SHA256'
The text was updated successfully, but these errors were encountered: