How to use Extended LTS

To benefit from the security updates, you just have to configure APT to use our extended LTS repository.

Adding extended LTS repositories to APT

Installing the freexian archive GPG key

The extended LTS repositories are signed with the following GPG key:

sec   rsa4096 2018-05-28 [SC] [expires: 2023-05-27]
      AB597C4F6F3380BD4B2BEBC2A07310D369055D5A
uid           [ultimate] Extended LTS Repository <sysadmin@freexian.com>

To enable this key in your APT configuration, you have the following choices:

  • manually install the freexian-archive-keyring package with wget https://deb.freexian.com/extended-lts/pool/main/f/freexian-archive-keyring/freexian-archive-keyring_2018.05.29_all.deb && sudo dpkg -i freexian-archive-keyring_2018.05.29_all.deb
  • manually fetch the key with sudo wget https://deb.freexian.com/extended-lts/archive-key.gpg -O /etc/apt/trusted.gpg.d/freexian-archive-extended-lts.gpg

You might want to double check that the key fingerprint outputted by apt-key list matches the one shown above.

sources.list entries for APT

Here’s what you should put in /etc/apt/sources.list.d/extended-lts.list:

deb http://deb.freexian.com/extended-lts wheezy-lts main contrib non-free

If you want to also benefit from the Linux 3.16 kernel backported from Debian 8 Jessie, then you should also enable the wheezy-lts-kernel repository:

deb http://deb.freexian.com/extended-lts wheezy-lts-kernel main

Be nice, use local mirrors/caches

There are currently no mirrors of this service and it runs on a small dedicated server. If you have many machines to keep secure, please make a local mirror (or use some cache) and point your machines to your local mirror (or cache) instead of pointing them to the repositories provided by Freexian.