Secured Portage Sync

= Secured Portage Sync =

The standard portage sync command uses the unsecured rsync protocol by default.

A man in the middle attack or rogue rsync mirror may alter the data and cause malformed packages to be installed.

One alternative is a secure sync using emerge-webrsync, which uses the HTTP protocol to retrieve a validated Portage tarball, signed by the Gentoo Foundation with a GPG key. It will test the tarball signature and timestamp to verify the tarball before it's installed on the system.

Installation
Be sure to check the double check the fingerprint on the release engineering page.

Add: