V3 DSA signature: NOKEY
Rick Stevens
rstevens at vitalstream.com
Fri Feb 25 17:15:02 UTC 2005
Bill Brunt wrote:
> I'm getting the error "V3 DSA signature: NOKEY" when trying to install
> the compat-stdlibc++.296.... rpm. I googled this and am a little
> bewildered via the responses.
>
> How would I remedy this error?
> I'm trying to install Oracle9iR2 on RH ES4 and I think this is a rpm
> required.
That message is rpm dutifully telling you that it can't verify the
authenticity of the RPM package you're installing because you don't have
the GPG keys installed. It's not *technically* an error. The package
will install.
You should be aware that, since the authenticity of the package can't be
verified, you may be installing a package that has a trojan horse virus
in it. The only way to verify the package is clean is to check its MD5
checksum or verify that it was signed with the proper GPG key.
You should have a fairly complete list of keys in the /usr/share/rhn
directory. You import the GPG keys into RPM by:
# cd /usr/share/rhn
# rpm --import *-KEY
Now RPM can ensure that, at least, the package was built by people who
are reliable and that it came from a secure source.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- If Bill Gates got a dime for every time Windows crashes... -
- ...oh, wait. He does. THAT explains it! -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list