W: GPG error:
WARNING: The following packages cannot be authenticated!
Puppet gonna be sad too and will complain it can't install packages.
So, admin should place repo public key on servers where that repo is used. This may be achieved in several ways, like downloading key and doing apt-key filename on it, but "true" one is to put the key in package, like debian-backports-keyring did.
Let's assume you already have repo with signing turned on & generated gpg keys, if not, reread
Skeleton for package can be taken from my
/usr/bin/apt-key add /usr/share/keyrings/yourkeyname.key
on postinstall, don't forget to remove key on uninstall:
/usr/bin/apt-key del 038088B3
If everything goes fine, you should see your key with command:
ngxtest:/tmp# gpg --keyring /etc/apt/trusted.gpg --trustdb-name /etc/apt/trustdb.gpg --list-keys
pub 1024D/F42584E6 2008-04-06 [expires: 2012-05-15]
uid Lenny Stable Release Key <email@example.com>
pub 4096R/55BE302B 2009-01-27 [expires: 2012-12-31]
uid Debian Archive Automatic Signing Key (5.0/lenny) <firstname.lastname@example.org>
pub 2048R/6D849617 2009-01-24 [expires: 2013-01-23]
uid Debian-Volatile Archive Automatic Signing Key (5.0/lenny)
pub 1024D/16BA136C 2005-08-21
uid Backports.org Archive Key <email@example.com>
sub 2048g/5B82CECE 2005-08-21
pub 4096R/B98321F9 2010-08-07 [expires: 2017-08-05]
uid Squeeze Stable Release Key <firstname.lastname@example.org>
pub 4096R/473041FA 2010-08-27 [expires: 2018-03-05]
uid Debian Archive Automatic Signing Key (6.0/squeeze) <email@example.com>