RE: Errata already

["Post, Mark K" <mark post eds com>]

Jay,

I only have the official key installed.  Where do I get the beta key?

Also, the message wasn't that the signature could not be verified.  The
message was stating that the packages were not signed at all.


Mark Post

-----Original Message-----
From: Jay Turner [mailto:jkt redhat com]
Sent: Wednesday, July 30, 2003 2:19 PM
To: taroon-beta-list redhat com
Subject: Re: Errata already


On Wed, Jul 30, 2003 at 12:53:27PM -0400, Post, Mark K wrote:
> One thing I noticed is that none of the updated packages are GPG signed.
> This is something of an irritant, as well as a security concern.
> Particularly since the update agent went to the trouble of going through
the
> process of installing the Red Hat public key in my GPG keyring.
> 
> Is this SOP for Beta testing?  Or was this an oversight?

Verify that you have the Red Hat Beta key installed:

[haring (root):~]# rpm -qa gpg-pubkey
gpg-pubkey-897da07a-3c979a7f
gpg-pubkey-db42a60e-37ea5438

The first one is the Red Hat Beta key and the second one is the official
Red Hat key.  All of the package updates you are downloading from RHN
should be signed with the beta key.

- jkt
-- 
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*
Jay Turner, QA Technical Lead      jkt redhat com             Red Hat, Inc. 

        Reality is merely an illusion, albeit a very persistent one.
                                                   - Albert Einstein


--
Taroon-beta-list mailing list
Taroon-beta-list redhat com
http://www.redhat.com/mailman/listinfo/taroon-beta-list