Y
Hacker News
new
|
ask
|
show
|
jobs
by
yoursunny
1652 days ago
I run a small apt repository without signing, delivered over HTTPS only. Then I tell users to put `trusted=yes` in the source line. There's no APT signing key, no risk of compromise, and no need to backup.