You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a workaround, a long time ago I added "digest-algo sha256" to the gpg.conf file on the local signer system, like so:
# See http://askubuntu.com/questions/819641/reprepro-signature-by-key-uses-weak-digest-algorithm-sha1
# and https://juliank.wordpress.com/2016/03/14/dropping-sha-1-support-in-apt/
digest-algo sha256
It would be more robust if merfi ran gpg2 with the --digest-algo SHA256 argument every time, so we did not depend on the state of the local .gpg.conf file.
The text was updated successfully, but these errors were encountered:
Apt on Ubuntu Xenial (and newer) will warn if the Apt repo GPG signatures are SHA1 instead of SHA256.
Background links:
By default, gnupg2 has a sha1 digest algorithm.
As a workaround, a long time ago I added "digest-algo sha256" to the
gpg.conf
file on the local signer system, like so:It would be more robust if merfi ran
gpg2
with the--digest-algo SHA256
argument every time, so we did not depend on the state of the local.gpg.conf
file.The text was updated successfully, but these errors were encountered: