Security Improvement – New GPG Key for Packages Distribution

By Christophe Dujarric, on Jan 08, 2019

In order to improve the security of our releasing, we updated the GPG key used to sign our packages distributed over APT and YUM repositories.

If you don’t use these package managers, you can simply discard the following.

This trusted key has already been deployed in our latest updates few weeks ago. If you’re applying updates regularly, everything should work fine.

However, if you encounter any issue, it could be necessary to trust our new key using the commands:

wget -q -O - https://packages.blackfire.io/gpg.key | sudo apt-key add - && sudo apt-get update
or
wget -O - "http://packages.blackfire.io/fedora/blackfire.repo" | sudo tee /etc/yum.repos.d/blackfire.repo

given the system you’re using.

Happy profiling,

Christophe Dujarric

Christophe is the Chief Product Officer at Blackfire. He's an engineer, but probably one of the least "tech" people in the company. He's wearing many hats, from product management to marketing and sales. He loves the beauty of simple solutions that solve actual problems.