[PVE-User] HTTPS for download.proxmox.com

lemonnierk at ulrar.net lemonnierk at ulrar.net
Thu Nov 30 15:49:50 CET 2017


> Not true: It gives you the certainty to be connected to the "real" 
> proxmox page and not a fake page, e.g. by being redirected through a 
> hacked nameserver or local resolver.

Sure, but the packages are signed. Since apt does check that itself,
where you connect really doesn't matter, you are already sure the
packages are only installed if they come from the actual proxmox repo
(at least you are sure if you pay attention to what key you import into
apt)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Digital signature
URL: <http://lists.proxmox.com/pipermail/pve-user/attachments/20171130/5fae240b/attachment.sig>


More information about the pve-user mailing list