Security Improvement – New GPG Key for Packages Distribution

By Christophe Dujarric, on Jan 08, 2019

In order to improve the security of our releasing, we updated the GPG key used to sign our packages distributed over APT and YUM repositories.

If you don’t use these package managers, you can simply discard the following.

This trusted key has already been deployed in our latest updates few weeks ago. If you’re applying updates regularly, everything should work fine.

However, if you encounter any issue, it could be necessary to trust our new key using the commands:

wget -q -O - https://packages.blackfire.io/gpg.key | sudo apt-key add - && sudo apt-get update
or
wget -O - "http://packages.blackfire.io/fedora/blackfire.repo" | sudo tee /etc/yum.repos.d/blackfire.repo

given the system you’re using.

Happy profiling,

Christophe Dujarric

Christophe is the Chief Product Officer at Blackfire. He has been supporting several start-ups & SMEs to make and sell products out of technologies. He’s involved in every step of the product’s lifecycle, from strategy to design and sales, and loves to coach on product management methods.