Software Repository

This is the software repository for packages provided by CISOfy. It contains packages related to Lynis in common formats like RPM and DEB.

Fair-use

The software repositories are rate-limited. The community repository is meant to allow as many people as possible to pull in the latest updates of the packages.

Are you a company with more than 10 systems? Set up your own caching proxy.

Available packages

Package	Community	Customers
Lynis	3.1.4-100 (stable)	3.1.4-100 (stable)	Security scan tool
Lynis Collector	customers only	2.0.1-1	Batch upload utility for Lynis Enterprise users
Lynis Plugins	customers only	2.1.3-1	Plugins for Lynis
Lynis Enterprise Updater	customers only	2.4.0/2.4.1	Installation and updater utility for Lynis Enterprise self-hosted

Repositories

Community

I'm not a customer (yet) and want to use the repository on small scale.

Lynis client

» Community Repository

Customers

I'm already a customer and would like to use the repositories with all available packages.

Lynis client
Lynis plugins
Lynis Collector

» Customers Repository

Tips and Suggestions

Mirror or Synchronize a repository

Important notices

2025-03-11: the minimum TLS version has been increased, now that many of the older (and outdated) Linux distributions support newer TLS versions.
2025-03-10: packages.cisofy.com has new IP addresses (89.41.171.41 / 2a01:7c8:e001:1cb::c1d4) as part of a migration
2023-08-07: For better backward compatibility we signed RPMs with the old key again (0ACF951B, public key).
2023-08-07: several changes were made to our build process, including an upgrade in the software stack. RPM files contain now multiple hashes, so that each different version of RPM can use the strongest hashing algorithm that it supports.
2023-08-03: Key for RPMs was previously 0ACF951B and is now C2FDE6C4.
2023-08-02: key change for repository and Linux distributions that use RPM files. Key changed from 824612E20ACF951B to 9DE922F1C2FDE6C4, signature upgraded from RSA/SHA1 to RSA/SHA512. SHA1 was used for a while to keep supporting older distributions. That support is now dropped to prevent newer distributions have to fallback on an outdated hashing algorithm.
2021-06-22: Key D48C4F9C is replaced by C2FDE6C4.
2021-06-22: we rotated some of our keys (old key D48C4F9C is replaced by C2FDE6C4). The repo also no longer hosts files for old Debian/Ubuntu distributions (e.g. xenial). Solution: Update your apt file and replace the old distribution name with 'stable' (without quotes).

Issues with the repository

Getting a 403?

Most likely your IP address or network has been blocked due to excessive requests. This repository is fair-use and excessive requests may hinder the service for others.

Set up a caching proxy or internal repository server that pulls in updates. Then point your client systems to your own repository or have them fetch the updates via your proxy.

Report issues

Got an issue with the repository? Please report it at GitHub.

Common errors

Examples of an error that you may encounter, before or after a key rotation:

SHA1 algorithm no longer supported

Error: Execution of '/bin/dnf -d 0 -e 1 -y install lynis' returned 1: warning: Signature not supported. Hash algorithm SHA1 not available.
warning: Signature not supported. Hash algorithm SHA1 not available.
Problem opening package lynis-3.0.8-100.noarch.rpm
Error: GPG check FAILED

Ensure that your repository file (cisofy-lynis.repo) is the same as listed within the examples on this website, purge any cache (dnf clean all), and update.

Public key missing or incorrect

Err:2 https://packages.cisofy.com/customers/YOUR-LICENSE-KEY/lynis-enterprise/deb daily InRelease                 
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9DE922F1C2FDE6C4

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used.
GPG error: https://packages.cisofy.com/community/lynis/deb stable InRelease: The following signatures were invalid:
EXPKEYSIG 3F873450D48C4F9C CISOfy Software (signed software packages) <software@cisofy.com>

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packages.cisofy.com/customers/YOUR-LICENSE-KEY/lynis-enterprise/deb daily InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9DE922F1C2FDE6C4
W: Failed to fetch https://packages.cisofy.com/customers/YOUR-LICENSE-KEY/lynis-enterprise/deb/dists/daily/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9DE922F1C2FDE6C4
W: Some index files failed to download. They have been ignored, or old ones used instead.

Solution: import the new key according to the installation steps. For example: sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 013baa07180c50a7101097ef9de922f1c2fde6c4