I have some questions about installing fedora via http.
1. After the installation do I still need to use 'yum' to upgrade packages as I will need if I install it from CDROM?
2. How secure is installing via http and updating with yum against man-in-the-middle attacks?
On Sun, 29 Apr 2007 12:01:25 +0300, Angelin Lalev wrote:
I have some questions about installing fedora via http.
- After the installation do I still need to use 'yum' to upgrade
packages as I will need if I install it from CDROM?
[...]
yes. When I did a clean-install of FC5, I opted for a "minimal" install, then used yum to install everything else, IIRC.
On FC6 it was more finicky, and kept failing until I just went with the default configuration (open office, etc).
Once you have a terminal, several yum repo's will be already installed, enough to get you going.
You can do a http (or ftp) install from the rescue cd, by the way, which is what I've used so far (that way I have a rescue-cd).
-Thufir
On Sun, 2007-04-29 at 12:01 +0300, Angelin Lalev wrote:
I have some questions about installing fedora via http.
- After the installation do I still need to use 'yum' to upgrade
packages as I will need if I install it from CDROM?
I can't remember the answer to that one. I don't think so, but I'm not sure. It was quite some time ago I I did that.
Have a look at the install script, and see if it specifically only uses the core and extras repos, ignoring the updates ones.
- How secure is installing via http and updating with yum against
man-in-the-middle attacks?
All the packages should be signed, with keys you can get from an official source. It ought to be safe from that sort of thing (bogus package replacement), but I can imagine a problem where unsigned packages get inserted (they wouldn't get checked).
-
Angelin Lalev -
Thufir -
Tim