Use Debian + TLS repositories

Questions about other topics and general discussion about LMDE
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
Mintous

Use Debian + TLS repositories

Post by Mintous »

I saw that for some unknown reasons that Debian repositories in LMDE not using main debian repository for security repo.

These are the default main debian repository https://wiki.debian.org/SourcesList: (without TLS)

Code: Select all

deb http://deb.debian.org/debian buster main
#deb-src http://deb.debian.org/debian buster main

deb http://deb.debian.org/debian buster-updates main
#deb-src http://deb.debian.org/debian buster-updates main

deb http://deb.debian.org/debian-security/ buster/updates main
#deb-src http://deb.debian.org/debian-security/ buster/updates main
So if we want to use the TLS version we just add "s" to http and thats it (assuming apt-transport-tls is preinstalled)

the problem is lmde using debian security repo without TLS security.debian.org, this is not the default repo for debian distros nor it support TLS.

using https add another layer of security to the connection and avoid traffic manipulation:

https://github.com/QubesOS/qubes-issues/issues/4415

-------

Another level of security which using Onion repositories, but i think TLS is enough for the end user: (apt-transport-tor package needed to be pre-installed before adding onion repos)

https://blog.torproject.org/debian-and- ... n-services
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Top
Locked

Return to “Other Topics & Open Discussion”