GPG-pubkeys
Jeff Johnson
n3npq at mac.com
Mon Sep 11 08:49:34 PDT 2006
On Sep 11, 2006, at 11:38 AM, Basil Chupin wrote:
> Christoph Thiel wrote:
>> On Tue, 12 Sep 2006, Basil Chupin wrote:
>>> I don't remember having to accept a gpg-key from each and every
>>> source of upgrades for my OS (SUSE) but only 2 or possibly 3
>>> sites had to have their gpgs accepted or rejected (but who in
>>> their right mind would do that anyway?). So, what is the big deal
>>> about these gpg-keys when they are not universally used?
>> That's because we only have 2 major keys for SUSE / openSUSE --
>> one for the distribution and the other one for the Build Service.
>
> Ok, so what you seem to be suggesting is that I would have had to
> manually accept those keys at some early stage before smart did any
> upgrading from these sources and now the upgrades are done without
> me being questioned about the gpgs?
>
Yep. As long as the pubkeys are in rpm's keyring, there will be no
dialogue.
The dialogue is about automating the import of new public keys,
should be
one time no matter what.
> At the same time, are these same keys used by all the mirrors which
> are listed in smart's list of mirrors used for upgrading?
>
Almost certainly, but there may be public keys for uses other than
verifying package integrity
associated with a repository, that is a different problem.
73 de Jeff
More information about the Smart
mailing list