I was wondering which option in apt.conf will block by default the installation of packages with invalid signatures. I'm using Debian Wheezy 7.6
Thanks!
Asked
Active
Viewed 1,838 times
1 Answers
1
This depends on the apt frontend you use (apt-get, aptitude etc.).
The default, at least for apt-get and aptitude, is to always check signatures and to prompt if the check failed. So the behaviour you ask for is already the default.
To override this, you can set the option "allow-unauthenticated" (as --allow-unauthenticated option on the commandline, or as APT::Get::AllowUnauthenticated "true"; in apt.conf). This will disable the check. If you want apt to always check, make sure this setting is not in your apt.conf.
If install a package non-interactively, it depends on the options you use. If you use --assume-yes, ìnstallation will be aborted if the signature check fails. --force-yes may allow the installation (I did not check).
Also see this question on askubuntu: How do I bypass/ignore the gpg signature checks of apt?.
