This is the software repository for packages provided by CISOfy. It contains packages related to Lynis in common formats like RPM and DEB.
|Security scan tool
|Batch upload utility for Lynis Enterprise users
|Plugins for Lynis
|Lynis Enterprise Updater
|Installation and updater utility for Lynis Enterprise self-hosted
Got an issue with the repository? Please report it at GitHub.
Examples of an error that you may encounter, before or after a key rotation:
Error: Execution of '/bin/dnf -d 0 -e 1 -y install lynis' returned 1: warning: Signature not supported. Hash algorithm SHA1 not available. warning: Signature not supported. Hash algorithm SHA1 not available. Problem opening package lynis-3.0.8-100.noarch.rpm Error: GPG check FAILED
Ensure that your repository file (cisofy-lynis.repo) is the same as listed within the examples on this website, purge any cache (dnf clean all), and update.
Err:2 https://packages.cisofy.com/customers/YOUR-LICENSE-KEY/lynis-enterprise/deb daily InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9DE922F1C2FDE6C4
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packages.cisofy.com/community/lynis/deb stable InRelease: The following signatures were invalid: EXPKEYSIG 3F873450D48C4F9C CISOfy Software (signed software packages) <firstname.lastname@example.org>
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packages.cisofy.com/customers/YOUR-LICENSE-KEY/lynis-enterprise/deb daily InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9DE922F1C2FDE6C4 W: Failed to fetch https://packages.cisofy.com/customers/YOUR-LICENSE-KEY/lynis-enterprise/deb/dists/daily/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9DE922F1C2FDE6C4 W: Some index files failed to download. They have been ignored, or old ones used instead.
Solution: import the new key according to the installation steps. For example: sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 013baa07180c50a7101097ef9de922f1c2fde6c4
2023-08-07: several changes were made to our build process, including an upgrade in the software stack. RPM files contain now multiple hashes, so that each different version of RPM can use the strongest hashing algorithm that it supports.
2023-08-02: key change for repository and Linux distributions that use RPM files. Key changed from 824612E20ACF951B to 9DE922F1C2FDE6C4, signature upgraded from RSA/SHA1 to RSA/SHA512. SHA1 was used for a while to keep supporting older distributions. That support is now dropped to prevent newer distributions have to fallback on an outdated hashing algorithm.
2021-06-22: we rotated some of our keys (old key D48C4F9C is replaced by C2FDE6C4). The repo also no longer hosts files for old Debian/Ubuntu distributions (e.g. xenial). Solution: Update your apt file and replace the old distribution name with 'stable' (without quotes).