From: zimoun
Subject: Re: Guix and remote trust
Date: Fri, 13 Dec 2019 16:26:13 +0100
To: Pierre Neidhardt
Cc: help-guix
In-Reply-To: <87d0css5uh.fsf@ambrevar.xyz>
References: <87eex9r5ay.fsf@ambrevar.xyz> <87h825wkj6.fsf@cbaines.net> <87h824d319.fsf@ambrevar.xyz> <8736doct1z.fsf@ambrevar.xyz> <87d0csbbyh.fsf@ambrevar.xyz> <87d0css5uh.fsf@ambrevar.xyz>

Hi Pierre,

Thinking a bit about your issue: you are right, you cannot. I mean, if you cannot trust the Guix daemon on a remote machine, everything is doomed. Period! :-)

To me, you are asking: how can I verify the validity of a signature using an untrusted GPG? Well, you cannot. The untrusted GPG can say whatever it wants, and then it is game over. Trusting-trust attack.

Well, so you need to transport one trusted Guix to the untrusted machine balaitou. For example, you create a container with Guix (code and daemon) from the trusted machine aneto and then you move this container to balaitou.

From the machine balaitou, you start the container, mounting /gnu/store/, and verify the integrity (using the trusted Guix). Then you will know whether or not you can trust the /gnu/store. Something like that... I do not know.

Cheers,
simon