How Do I Install Private repository package past apt-secure

I’m sort of new to Whonix as a daily driver.
I’m trying to install my VPN software, which requires a private repo.
I’m happy that my sources.list is now much safer,
Is there a way to bypass apt-secure and a unsigned a repo when I choose to do so?

E: Failed to fetch ocean.surfshark . com/debian/dists/stretch/InRelease 403 Forbidden [IP: 104.18.120 34 443]
E: The repository ‘ocean.surfshark com/debian stretch InRelease’ is not signed.
N: Updating from such a repository can’t be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Unspecific to Whonix, this is a general Debian question.


You answered your question.

Stretch has no security updates for a long time.
If the VPN is only making it available for stretch, then consider discontinue the process.

Current debian stable is Bullseye.

If you allow insecure repositories, you can be MITMed and you wouldn’t even notice at first sight because the repository is not signed and untrusted code is entering your computer.

Also, can’t the VPN provode a openvpn configuration file?

Not as safe when adding a third party repository.

Thanks for Your reply!
I have to agree with You there, I have used OpenVPN years ago and the new version looks great.
But also since I am new to Apt-Secure and am a slow reader I was trying to get a quick knowledge update on navigating apt-secure. (How many LInux daily users are MITM victims on APT???)
How does the rest of the Linux community deal with all being MITMed?!?

Not sure why SurfShark has no updates from squeeze to bullseye, but that is the newest they offer for their in house application. I will just go to OpenVPN, Im not a fan of adding external repos.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]