In order to maintain the security of your server, our software, starting from version 20230801, uses APT/Debian package management infrastructure to ensure that you are installing software signed by GB. This helps immunize your server against attacks on GB software distribution servers. Even if an attacker manages to somehow place their own software on GB repositories, your server will not trust it because the software is not signed by GB.
Here are the steps on how to download GENERAL BYTES public key that your machine will always trust when downloading new software packages from GENERAL BYTES.
KYC is now required by GB!Access to the private APT repository is provided only to our Operators that:
Please contact the Sales department if you cannot access the package repository during CAS installation or CAS update. |
Run the following command to download the public key:
sudo wget -O /usr/share/keyrings/generalbytes-repo.public https://trust.generalbytes.com/generalbytes-repo.public |
Make sure that the public key has the correct checksum.
sha256sum /usr/share/keyrings/generalbytes-repo.public |
The correct checksum is:
6f65c52005425872acd880cbf9c3975fdc1db45fc85b60ef981482cead51746b /usr/share/keyrings/generalbytes-repo.public |
sudo wget -q -O - https://packages.generalbytes.com/generalbytes-repo.public | sha256sum |
The correct checksum of the key at packages.generalbytes.com must be the same as the one downloaded in step 1 from trust.generalbytes.com.
6f65c52005425872acd880cbf9c3975fdc1db45fc85b60ef981482cead51746b - |
Contact Support if:
Continuing may result in the installation of an untrusted key and subsequently: untrusted software in the future. |
For installation and updates, the repository must be specifically added to the Ubuntu system.
Create the repository file:
sudo touch /etc/apt/sources.list.d/generalbytes-repo.list |
Edit the new file using nano:
sudo nano /etc/apt/sources.list.d/generalbytes-repo.list |
Add the following line to the file:
deb [arch=amd64 signed-by=/usr/share/keyrings/generalbytes-repo.public] https://packages.generalbytes.com/LICENSE ./stable main |
Replace “LICENSE” with your actual GENERAL BYTES approved license key.
Example:
Save and exit the nano editor (Press Ctrl+X, and answer “Y” when asked to save the file).
read -p"Enter your license number and press ENTER:" LL && [ "$LL" == "" ] && echo "bad lincence number try again" || sudo sh -c "echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/generalbytes-repo.public] https://packages.generalbytes.com/$LL ./stable main' > /etc/apt/sources.list.d/generalbytes-repo.list" |
sudo apt update |
The license issued by GENERAL BYTES may be revoked without warning.
If your license fails to be accepted during an APT update, CAS update, or CAS installation, please contact Sales to ensure that your account is in good standing.
The changes made to APT will prevent APT from installing updates - including security updates - if the license is invalid for any reason. If you continue to use the server (without CAS), then you should remove the modifications to your Ubuntu.
DO NOT DO THIS UNLESS REQUIRED!
Rename this file:
sudo mv /etc/apt/sources.list.d/generalbytes-repo.list /etc/apt/sources.list.d/generalbytes-repo.list~ |
Re-enable the file when you’re ready to update CAS:
sudo mv /etc/apt/sources.list.d/generalbytes-repo.list~ /etc/apt/sources.list.d/generalbytes-repo.list |
sudo rm /usr/share/keyrings/generalbytes-repo.public sudo rm /etc/apt/sources.list.d/generalbytes-repo.list sudo apt update |
You might want to check if a patch is available before shutting down CAS and upgrading. You can do this while CAS is up.
apt update && apt show -a batm-server-upgrade-20240201 |
where the version sought is 20240201
The current patch versions will be displayed.