[olug] Missing public keys

Jon Larsen relayer at levania.org
Tue Dec 13 02:23:38 UTC 2005 

Noel Leistad wrote:
> Had running FC4/Myth/PVR500, though "running" could be quailified.
> 
> Anyway, do to issues not "myth" related, I'm re-installing FC4. 
> Following wilsonet.com/mythtv/fcmyth howto. I'm getting "Public key for 
> *.rpm" more often than I'd like and definitely more often than the first 
> time I installed. Outside of some PVR500 config issues, that install 
> went nearly flawlessly and "per the book".
> 
> Is there an easy way to check which keys are installed? As an FYI, using 
> these repos:
> atrpms.repo
> base.repo
> dag.repo
> dries.repo
> fedoraextras.repo
> flash.repo
> freshrpms.repo
> gstreamer.repo
> jpackage.repo
> kde-redhat.repo
> livna.repo
> newrpms.repo
> nrpms.repo
> 
> huh?? that's sort of a surprise, recall adding freshrpms and atrpms, but 
> the rest...
> Oh, needed something in livna so installed that repo, possibly that's my 
> source of foobar?
> 
> To "remove" a repo, rename or delete from /etc/yum.repos.d/ then yum 
> clean all ??
> 

First, perform a 'yum clean all'.

You can disable a repo by editing the .repo file and changing enabled=1 
to enabled=0

Or

You can disable a repo with the yum command line
yum --disablerepo=reponame



You can list the gpg keys in your rpm database with:
rpm -qa gpg-pubkey*

In terms of the gpg key related to the .repo file, you can have a line 
in your .repo file which points to the specific GPG key:

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-extras

Or

gpgkey=http://freshrpms.net/RPM-GPG-KEY-freshrpms

In conjunction with the gpgcheck entry, it should take care of getting 
the correct gpgkey for the repo and checking it against the rpm files.

According to the man page for yum.conf:

gpgcheck
   Either  ‘1’  or ‘0’. This tells yum whether or not it should perform 
a GPG signature check on the packages gotten from this repository.

gpgkey
  A URL pointing to the ASCII-armoured GPG key file for the repository. 
This option  is  used  if  yum  needs  a public key to verify a package 
and the required key hasn’t been imported into the RPM database. If this 
option is set,  yum  will  automatically  import the key from the 
specified URL. You will be prompted before the key is installed unless 
the  assumeyes  option is set.


But, I've always did the 'rpm --import gpg.key' myself.

Jon L.

-- 
Jon H. Larsen  - relayer \at\ levania \dot\ org
Omaha Linux Users Group - http://www.olug.org/
AnimeSunday.org - http://www.animesunday.org/
ICQ#: 10412618 - http://www.levania.org/~relayer/
GPG/PGP Pubkey - http://www.levania.org/~relayer/relayerpubkey.txt

More information about the OLUG mailing list