Software Repository

This is the software repository for packages provided by CISOfy. It contains packages related to Lynis in common formats like RPM and DEB.

Available packages

PackageCommunityCustomers
Lynis3.1.3-100 (stable)3.1.3-100 (stable)Security scan tool
Lynis Collectorcustomers only2.0.1-1Batch upload utility for Lynis Enterprise users
Lynis Pluginscustomers only2.1.3-1Plugins for Lynis
Lynis Enterprise Updatercustomers only2.4.0/2.4.1Installation and updater utility for Lynis Enterprise self-hosted

Repositories

Community

I'm not a customer (yet) and want to use the repository on small scale.

» Community Repository

Customers

I'm already a customer and would like to use the repositories with all available packages.

» Customers Repository

Tips and Suggestions


Important notices

Key rotation

Report issues

Got an issue with the repository? Please report it at GitHub.

Common errors

Examples of an error that you may encounter, before or after a key rotation:

SHA1 algorithm no longer supported

Error: Execution of '/bin/dnf -d 0 -e 1 -y install lynis' returned 1: warning: Signature not supported. Hash algorithm SHA1 not available.
warning: Signature not supported. Hash algorithm SHA1 not available.
Problem opening package lynis-3.0.8-100.noarch.rpm
Error: GPG check FAILED

Ensure that your repository file (cisofy-lynis.repo) is the same as listed within the examples on this website, purge any cache (dnf clean all), and update.

Public key missing or incorrect

Err:2 https://packages.cisofy.com/customers/YOUR-LICENSE-KEY/lynis-enterprise/deb daily InRelease                 
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9DE922F1C2FDE6C4
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used.
GPG error: https://packages.cisofy.com/community/lynis/deb stable InRelease: The following signatures were invalid:
EXPKEYSIG 3F873450D48C4F9C CISOfy Software (signed software packages) <software@cisofy.com>
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packages.cisofy.com/customers/YOUR-LICENSE-KEY/lynis-enterprise/deb daily InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9DE922F1C2FDE6C4
W: Failed to fetch https://packages.cisofy.com/customers/YOUR-LICENSE-KEY/lynis-enterprise/deb/dists/daily/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9DE922F1C2FDE6C4
W: Some index files failed to download. They have been ignored, or old ones used instead.

Solution: import the new key according to the installation steps. For example: sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 013baa07180c50a7101097ef9de922f1c2fde6c4

Changes

2023-08-07: several changes were made to our build process, including an upgrade in the software stack. RPM files contain now multiple hashes, so that each different version of RPM can use the strongest hashing algorithm that it supports.

2023-08-02: key change for repository and Linux distributions that use RPM files. Key changed from 824612E20ACF951B to 9DE922F1C2FDE6C4, signature upgraded from RSA/SHA1 to RSA/SHA512. SHA1 was used for a while to keep supporting older distributions. That support is now dropped to prevent newer distributions have to fallback on an outdated hashing algorithm.

2021-06-22: we rotated some of our keys (old key D48C4F9C is replaced by C2FDE6C4). The repo also no longer hosts files for old Debian/Ubuntu distributions (e.g. xenial). Solution: Update your apt file and replace the old distribution name with 'stable' (without quotes).