[gobolinux-users] Re: What am I signing?
Hisham Muhammad
hisham.hm at gmail.com
Fri May 5 20:42:19 GMT 2006
On 5/4/06, Dan <theyranos at gmail.com> wrote:
> I decided to use the first actual break I've gotten in a couple of
> months to update my computer. Every time I Compile something, I have
> to go through this process:
>
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> SymlinkProgram: Done.
> sudo: no passwd entry for root!
> SignProgram: Creating FileHash
> sudo: no passwd entry for root!
> SignProgram: Signing FileHash
>
> You need a passphrase to unlock the secret key for
> user: "Dan Charney <drmoose at drmoose.net>"
> 1024-bit DSA key, ID CC28D16F, created 2006-02-22
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>
> Freshen is on update 20 of 89, which means I'll have to type my 21-
> character passphrase another 69 times. I'd love to know why. What is
> the FileHash I'm signing, and why do I have to sign it?
By default, Compile signs the binaries that were just compiled. The
list of hashes and the accompanying signature file can be found under
/Programs/Foo/1.0/Resources/FileHash{,.sig}. Typing in the passphrase
89 times sounds really painful -- any suggestions on how to streamline
the process are welcome (in particular, if anyone knows (if possible)
how to tell gpg to sign multiple files at once we could make
SignProgram sign everything in the very end).
-- Hisham
More information about the gobolinux-users
mailing list