[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: When doing an up2date, I get a warning about GPG not signed



Hi

This does not work.

The first command you suggest wants me to run rhn_register which fails.

The second command  does not understand the --import option!




Thanks,
Ernest

-----Original Message-----
From: fedora-list-admin redhat com [mailto:fedora-list-admin redhat com]
On Behalf Of BFD
Sent: Monday, October 20, 2003 9:04 AM
To: fedora-list redhat com
Subject: Re: When doing an up2date, I get a warning about GPG not signed

Williams Jr, Ernest L. wrote:

> Does anyone else get a warning about the packages not being signed 
> with GPG??
> This is potentially dangerous, right?  Should I not proceed with the 
> up2dates.
>

Apparently, from articles in the archives, not all the rawhide packages 
are signed, so this warning may occur.

To decrease the number of warnings for those packages that are signed, 
try this:

Install the rawhide key by doing

'up2date -u fedora-release'

after subscribing to the updates channel, and then

'rpm --import /usr/share/doc/fedora-release-0.95/RPM-GPG-KEY-rawhide'.

By doing this, I reduced my warning messages by about 90%.


You can also disable GPG signature checking by running as root

up2date --config

and selecting the Retrieval/Installation tab, then unchecking the "Use 
GPG to verify package integrity" box.

This choice should be used as last resort for security reasons.

BFD


--
fedora-list mailing list
fedora-list redhat com
http://www.redhat.com/mailman/listinfo/fedora-list




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]