-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Harry Hoffman wrote: | It is hoped that the mirrors are only copies! They could be forged, altered, or | otherwise changed. Trusting a mirror is like trusting a friend's friend without | actually knowing either friend to start with. Trust is better served with things | that can't be proved easily (like the universe imploding upon itself tomorrow). | And that is more along the lines of hope anyway. :-) | Not to say that mirrors shouldn't be used, just something to think about. | | Cheers, | Harry | | | Quoting WipeOut <wipe_out@xxxxxxxxxxxxxxxxxxxxx>: | | *> | *> The mirrors are copys of the origian repository so I dontsee any reason | *> not to trust the mirror any less than the original repository.. | *> | *> As for using FC on servers, I am in the process of doing just that, I | *> went off and tried Gentoo, Debian and a number of other distros when RH | *> said there would be no more RHL but I cam back to Fedora because it is | *> still and awesome OS like RHL before it.. And time will only tell what | *> the future versions have to offer.. | *> | *> Also with projects like Fedora Legacy you will be able to run FC1 on | *> your server for a reasonable length of time.. | *> | *> Later.. | *> | *> | *> -- | *> fedora-list mailing list | *> fedora-list@xxxxxxxxxx | *> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list | *> | |
Once again, check the gpg signatures of the packages.
Add "gpgcheck=1" to your mirror entry in /etc/yum.conf
- -- - ---------- Doug Stewart Systems Administrator/Web Applications Developer Lockheed Martin Advanced Technology Labs
Quidquid latine dictum sit, altum viditur -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAKTI+N50Q8DVvcvkRAuajAJ0XNl9JwSJP61V04dugVZFUCm/VzwCeNMNW n+RVwzJhwlajJJ1YLvBuqXQ= =p1ZB -----END PGP SIGNATURE-----
