Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 29 Next »

In order to maintain the security of your server, our software, starting from version 20230801, uses APT/Debian package management infrastructure to ensure that you are installing software signed by GB. This helps immunize your server against attacks on GB software distribution servers. Even if an attacker manages to somehow place their own software on GB repositories, your server will not trust it because the software is not signed by GB.

Here are the steps on how to download GENERAL BYTES public key that your machine will always trust when downloading new software packages from GENERAL BYTES.

KYC is now required by GB!

Access to the private APT repository is provided only to our Operators that:

  1. undergo additional KYC checks, and

  2. have paid all current invoices.

Please contact the Sales department if you cannot access the package repository during CAS installation or CAS update.

1. Download the repository public key to your key rings folder.

Run the following command to download the public key:

sudo wget -O /usr/share/keyrings/generalbytes-repo.public https://trust.generalbytes.com/generalbytes-repo.public

2. Check the digital signature of the downloaded public key.

Make sure that the public key has the correct checksum.

sha256sum /usr/share/keyrings/generalbytes-repo.public

The correct checksum is:

6f65c52005425872acd880cbf9c3975fdc1db45fc85b60ef981482cead51746b  /usr/share/keyrings/generalbytes-repo.public

3. Compare the checksum of GENERAL BYTES public key from the repository.

sudo wget -q -O - https://packages.generalbytes.com/generalbytes-repo.public | sha256sum

The correct checksum of the key at packages.generalbytes.com must be the same as the one downloaded in step 1 from trust.generalbytes.com.

6f65c52005425872acd880cbf9c3975fdc1db45fc85b60ef981482cead51746b  -

4. Verification

Contact Support if:

  • any of the steps fail, or

  • the checksum is invalid, or

  • the checksums differ.

Continuing may result in the installation of an untrusted key and subsequently: untrusted software in the future.


Troubleshooting

The license issued by GENERAL BYTES may be revoked without warning.

If your license fails to be accepted during an APT update, CAS update, or CAS installation, please contact Sales to ensure that your account is in good standing.


Removal

The changes made to APT will prevent APT from installing updates - including security updates - if the license is invalid for any reason. If you continue to use the server (without CAS), then you should remove the modifications to your Ubuntu.

DO NOT DO THIS UNLESS REQUIRED!

To temporarily disable the GB APT Repository:

Rename this file:

sudo mv /etc/apt/sources.list.d/generalbytes-repo.list /etc/apt/sources.list.d/generalbytes-repo.list~

Re-enable the file when you’re ready to update CAS:

sudo mv /etc/apt/sources.list.d/generalbytes-repo.list~ /etc/apt/sources.list.d/generalbytes-repo.list

To permanently remove the GB APT repository:

sudo rm /usr/share/keyrings/generalbytes-repo.public
sudo rm /etc/apt/sources.list.d/generalbytes-repo.list
sudo apt update

  • No labels