How to create an offline Ubuntu repository

Debmirror program  creates a local mirror of a Deban repository. A quick way to build an offline repository, save it to to an USB drive, and use it on a computer without internet access:

1. Install the application on a computer with internet:
   

   $ sudo apt-get install debmirror
   

2. Get the key for the repository and add it to the keyring. This can be done be importing it from a debian keyring:
   

   $ gpg --no-default-keyring --keyring /home/USER/.gnupg/trustedkeys.gpg --import /usr/share/keyrings/ubuntu-archive-keyring.gpg
   

3. Download the repository (approximate sizes for different repositories can be found in the man page):
   

   $ sudo debmirror -a i386 --no-source -s main -h ro.archive.ubuntu.com -d natty,natty-updates,natty-security -r /ubuntu --progress -e http mirror
   

   This mirrors section main of Ubuntu 11.04 Natty, updates and security.   All options are explained in the man page.
   
4. Mount usb device containing the repository to the other computer:
   

   $ mount /dev/sdb1 /mnt/usb
   

5. Create a backup copy of sources.list file and modify it:
   

   $ sudo cp /etc/apt/sources.list /etc/apt/sources.list.backup
   $ sudo vim /etc/apt/sources.list
   

   Delete all content and add just:
   

   deb file:///mnt/usb/mirror natty main
   deb file:///mnt/usb/mirror natty-updates main
   deb file:///mnt/usb/mirror natty-security main
   

6. Retrieve the new list of packages from the offline repository:
   

   $ sudo apt-get update
   

7. Upgrade the repository:
   

   $ sudo apt-get upgrade
   

8. Start installing packages....
   

Use OpenSSL to sign a document

OpenSSL is an open source cryptography  library with lots of useful functions. First part, how to sign a document using DSA signature scheme. 

1. Use dsaparam to generate DSA parameters(p, q, g), used to generate keys (possibly several keys):
   openssl dsaparam 1024 > dsaparam.pem
   
2. Generate key file (contains private and public key):
   openssl gendsa dsaparam.pem -out dsa_key.pem 
   Or, if the parameters p,q,g weren't precomputed (step 1):
   openssl dsaparam -noout -out dsa_key.pem -genkey 1024
   
3. Extract public key
   openssl.exe dsa -in dsa_key.pem -pubout -out dsa_pub_key.pem
   
4. Generate sha1 hash of a file.
   openssl dgst -sha1 foo.txt | awk '{print $2}' > foo.txt.sha1
   
5. Sign the hash
   openssl dgst -dss1 -sign dsa_key.pem text.txt.sha1 >foo.txt.sig
   
6. Verify the signature (using public key)
   openssl dgst -dss1 -verify dsa_pub_key.pem -signature foo.txt.sig foo.txt.sha1
   

Links:

1.  DSA key processing man page
2. OpenSSL command-line Howto