[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Problems getting GPG key recognised by RPM

To: suse-security@xxxxxxxx
Subject: Re: [suse-security] Problems getting GPG key recognised by RPM
From: Michel Messerschmidt <lists@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Sun, 25 Jul 2004 15:36:44 +0200
Delivered-to: mailing list suse-security@xxxxxxxx
In-reply-to: <200407211448.58390.eric.seynaeve@xxxxxxxxxxx>
List-help: <mailto:suse-security-help@suse.com>
List-post: <mailto:suse-security@suse.com>
List-subscribe: <mailto:suse-security-subscribe@suse.com>
List-unsubscribe: <mailto:suse-security-unsubscribe-suse=archive.cert.uni-stuttgart.de@suse.com>
Mail-followup-to: suse-security@xxxxxxxx
Mailing-list: contact suse-security-help@xxxxxxxx; run by ezmlm
References: <200407211448.58390.eric.seynaeve@xxxxxxxxxxx>
User-agent: Mutt/1.4.1i

On Wed, Jul 21, 2004 at 02:48:24PM +0200, Eric Seynaeve wrote:
> I'm trying to import a GPG key into RPM for package signature checking. 
> However, the ascii armored key doesn't seem to be recognised by RPM, although 
> the pseudo-package is created.

I had the same problem today with the public key 414A57C3 for the samba 
packages in ftp.suse.com/projects/samba/3.0/


> Also, shouldn't the name of pseudo package give an indication as to the 
> key id?  

Yes. In my case, rpm used the key ID of a signature not of the key itself.


> What am I doing wrong? I found 
> http://lists.suse.com/archive/suse-security/2004-Mar/0073.html indicating 
> that the problem might be in the signature of the key. Can anybody shed some 
> light on this? How do I limit the export of the signature (the exported file 
> is larger than other found signature files). I have tried to export the key 
> from gpg with --openpgp or --pgp2 but that doesn't seem to influence the 
> export.

You can delete signatures from a key with the "delsig" command in the "edit" 
menu:
~> gpg --no-options --no-default-keyring --keyring temp.gpg --recv-keys [id]
~> gpg --no-options --no-default-keyring --keyring temp.gpg --edit [id]
Command> uid 1
Command> delsig

Now answer "y" to all signatures execpt the self-signatures. 
Repeat this for all UIDs.

Command> save
~> gpg --no-options --no-default-keyring --keyring temp.gpg -a -o temp.asc --export [id]
~> rpm --import temp.asc

Or maybe you should ask the package maintainer to provide a public key that
works with rpm :-)

-- 
Michel Messerschmidt           lists@xxxxxxxxxxxxxxxxxxxxxxx
antiVirusTestCenter, Computer Science, University of Hamburg

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here

Follow-Ups:
- Re: [suse-security] Problems getting GPG key recognised by RPM
  - From: Eric Seynaeve

References:
- [suse-security] Problems getting GPG key recognised by RPM
  - From: Eric Seynaeve

Prev by Date: Re: [suse-security] Getting public keys for signed mails automatically [OT]
Next by Date: Re: [suse-security] password recovery
Previous by thread: [suse-security] Problems getting GPG key recognised by RPM
Next by thread: Re: [suse-security] Problems getting GPG key recognised by RPM
Index(es):
- Date
- Thread