I need to have over the air (OTA) update for a Raspberry Pi board running Debian. I'm thinking of running a cron
job on an apt-get update
and have my own private repository
. So I can push my updates to the repository and the system will automatically pull these updates.
My question is in regard with the security. Is this a safe way of doing OTA or could this potentially allow hackers to push malicious "updates" to my device?
If you do a apt-get update
just your sources.lst gets renewed.
In case you mean apt-get update && apt-get upgrade
(which actually updates your system) I think it does not depend on how you invoke your update but rather on how secure the server is which holds the repository and of course the source where you are getting your new packages (the most save way would be to build them yourself from source).