On 12 June 2015 at 19:03, Mark LaPierre <marklapier(a)gmail.com> wrote:
On 06/12/15 20:33, Stephen John Smoogen wrote:
> On 12 June 2015 at 17:41, Mark LaPierre <marklapier(a)gmail.com> wrote:
>> I tried to install security updates:
>> ntfs-3g-2:2015.3.14-2.el6 (x86_64)
>> ntfsprogs-2:2015.3.14-2el6 (x86_64)
>> I get an error:
>> The software is not from a trusted source. Do not update thses packages
>> unless you are sure it is safe to do so.
>> Did someone forget to sign these packages maybe?
> rpm -K -qp 6/x86_64/ntfs-3g-2015.3.14-2.el6.x86_64.rpm
> 6/x86_64/ntfs-3g-2015.3.14-2.el6.x86_64.rpm: rsa sha1 (md5) pgp md5 OK
> It is signed so maybe the signature isn't in the systems keyring?
I've looked for the signature file to add it to my key ring but have not
been able to find it. Can you hold my hand for a minute or two while I
get it installed?
No problem. For RPM to see the key it needs to be installed in the RPM
keybase. There are several ways of doing this.
1. Install the epel-release rpm
rpm -ivh http://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
yum install epel-release #if you are on CentOS or Scientific Linux
; yum localinstall epel-release-latest
2. Or we can do it the old fashioned way with the GPG key:
rpm --import RPM-GPG-KEY-EPEL-6
rpm --checksig <file you are wanting to check>
To import the key into your local gpg keyring
gpg --import RPM-GPG-KEY-EPEL-6
though this won't easily help check rpm files signatures.
Hope this helps (and sorry for the delay in answering)
^ ^ Mark LaPierre
Registered Linux user No #267004
epel-devel mailing list
Stephen J Smoogen.