[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Problems getting GPG key recognised by RPM
On Wed, Jul 21, 2004 at 02:48:24PM +0200, Eric Seynaeve wrote:
> I'm trying to import a GPG key into RPM for package signature checking.
> However, the ascii armored key doesn't seem to be recognised by RPM, although
> the pseudo-package is created.
I had the same problem today with the public key 414A57C3 for the samba
packages in ftp.suse.com/projects/samba/3.0/
> Also, shouldn't the name of pseudo package give an indication as to the
> key id?
Yes. In my case, rpm used the key ID of a signature not of the key itself.
> What am I doing wrong? I found
> http://lists.suse.com/archive/suse-security/2004-Mar/0073.html indicating
> that the problem might be in the signature of the key. Can anybody shed some
> light on this? How do I limit the export of the signature (the exported file
> is larger than other found signature files). I have tried to export the key
> from gpg with --openpgp or --pgp2 but that doesn't seem to influence the
You can delete signatures from a key with the "delsig" command in the "edit"
~> gpg --no-options --no-default-keyring --keyring temp.gpg --recv-keys [id]
~> gpg --no-options --no-default-keyring --keyring temp.gpg --edit [id]
Command> uid 1
Now answer "y" to all signatures execpt the self-signatures.
Repeat this for all UIDs.
~> gpg --no-options --no-default-keyring --keyring temp.gpg -a -o temp.asc --export [id]
~> rpm --import temp.asc
Or maybe you should ask the package maintainer to provide a public key that
works with rpm :-)
Michel Messerschmidt lists@xxxxxxxxxxxxxxxxxxxxxxx
antiVirusTestCenter, Computer Science, University of Hamburg
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here