[root@nite bduke]# ls desktop-sectools.sh MySQL-server-4.1.1-1.i386.rpm rhn-packages.tar keychain-2.3.5-1.noarch.rpm net_platform.bin xmms keychain-2.3.5-1.src.rpm php-mysql-4.2.2-17.2.i386.rpm MySQL-client-4.1.1-0.i386.rpm rhn-packages [root@nite bduke]# gpg --keyserver pgp.mit.edu --recv-key #20104eb0 [root@nite bduke]# rpm -K keychain-2.3.5-1.noarch.rpm keychain-2.3.5-1.noarch.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#2010 4eb0) [root@nite bduke]# Reproducible: Always Steps to Reproduce: 1.Redhat9.0 system 2.scp rpms 3.run "gpg --keyserver pgp.mit.edu --recv-key #20104eb0" 4.run "rpm -K keychain-2.3.5-1.noarch.rpm" Actual Results: keychain-2.3.5-1.noarch.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#20104eb0) Expected Results: I guess it should have authenticated
I just tried to follow the directions on the preceeding page: > Code Listing 3.2: Keychain RPM installation > (Install the public key used to sign the rpms) > # gpg --keyserver pgp.mit.edu --recv-key 20104eb0 > (Both md5 and gpg should be OK) > # rpm -K keychain-2.3.5-1.noarch.rpm > (Installs the RPM) > # rpm -Uvh keychain-2.3.5-1.noarch.rpm when I issue the rpm -K the keys fail
Aron?
*** Bug 61471 has been marked as a duplicate of this bug. ***
Fixed, the instructions now say: (Fetch the public key used to sign the rpms) # gpg --keyserver pgp.mit.edu --recv-key 20104eb0 (Verify the fingerprint of the obtained key) # gpg --fingerprint 20104eb0 pub 1024D/20104EB0 2003-09-28 Aron Griffis <agriffis@gentoo.org>; Key fingerprint = E3B6 8734 C2D6 B5E5 AE76 FB3A 26B1 C5E3 2010 4EB0 sub 1024g/A2D963E7 2003-09-28 (Import key to rpm's keyring) # gpg --export --armor 20104eb0 > /tmp/20104eb0.pub # rpm --import /tmp/20104eb0.pub # rm /tmp/20104eb0.pub (Test the rpm; both md5 and gpg should be OK) # rpm -K keychain-2.4.3-1.noarch.rpm (Install the rpm) # rpm -Uvh keychain-2.4.3-1.noarch.rpm
I can only wish this was fixed....example: [root@nite bd]# gpg --keyserver pgp.mit.edu --recv-key 20104eb0 gpg: key 20104EB0: duplicated user ID detected - merged gpg: key 20104EB0: "Aron Griffis <agriffis@gentoo.org>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 [root@nite bd]# gpg --fingerprint 20104eb0 pub 1024D/20104EB0 2003-09-28 Aron Griffis <agriffis@gentoo.org> Key fingerprint = E3B6 8734 C2D6 B5E5 AE76 FB3A 26B1 C5E3 2010 4EB0 uid Aron Griffis <agriffis@gentoo.org> sub 1024g/A2D963E7 2003-09-28 [root@nite bd]# gpg --export --armor 20104eb0 > /tmp/20104eb0.pub [root@nite bd]# rpm --import /tmp/20104eb0.pub [root@nite bd]# rm /tmp/20104eb0.pub rm: remove regular file `/tmp/20104eb0.pub'? y [root@nite bd]# rpm -K keychain-2.4.3-1.noarch.rpm keychain-2.4.3-1.noarch.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#20104eb0) [root@nite bd]# as noted I did exactly what was the new procedure and just like a champ it fails the GPG again Aron I hesitate to install if I can't be sure what I have downloaded comes from your servers untouched.
Brian, what distro are you using? I've just retested this and it seems to work fine for me, using the same sequence of instructions that you're using. I'm testing with rpm on Gentoo (since I'm not actually installing): # rpm --version RPM version 4.2.1
I guess I NEEDINFO. I can't make this fail...
