This is an unofficial Debian repository for RISC-V 64-bit (riscv64).
The following URL contains more information about it: https://wiki.debian.org/RISC-V
This repository is neither complete nor stable, and it doesn't promise stability or upgradability.
You need to provide a basic system (with GNU libc, dynamic loader and so on) from circa 15th of November of 2016, either created by yourself (e.g, something simple with just toolchain and something like busybox) or downloaded from other sites of the network.
This is necessary due to the fact that support in key components like GNU libc has not been upstreamed yet, and there are incompatible changes in the toolchain (compiler, assembler, C library, etc.) that happen from time to time, probably with more to come. We will try to keep it more up to date in the future.
The packages can be unpacked on that system, along with their dependencies, and they should work; it works better if they are installed with dpkg -i once dpkg works.
Static packages should work even with different versions of GNU libc (with very old or very recent OS images), but there are very few packages in Debian with binaries compiled statically. If nothing else works, try bash-static.
To use this repository, add these lines to /etc/apt/sources.list:
deb [ arch=riscv64 signed-by=/usr/share/keyrings/debian-keyring.gpg ] http://riscv.mit.edu/debian unstable main deb-src [ signed-by=/usr/share/keyrings/debian-keyring.gpg ] http://riscv.mit.edu/debian unstable main
The repository is signed with the key from Manuel as Debian Developer, contained in the file /usr/share/keyrings/debian-keyring.gpg, which is part of the package debian-keyring (available from Debian and derivatives). `apt` will check the authenticity of the repository for you.
If not in a Debian system (or derivative), you can also check the signed Release file in http://riscv.mit.edu/debian/dists/unstable/ (which contains the checksum of files which in turn contain the checksums of sources and binaries), it is signed by Manuel's key, which is in turn signed by other people's (some of whom you may know and trust) and published in the keyserver pgp.mit.edu (http://pgp.mit.edu/pks/lookup?op=vindex&search=0x7F7606A445DCA80E) for example, as well as in the Debian package mentioned above.
So if you trust the signature, verify that Release file is correctly signed by it and the checksums of the files that you download match, you are good to go.
No images are provided at the moment.