Re: rpm --nosignature reversed meaning

Jeffrey Johnson Sun, 11 Sep 2016 12:53:05 -0700

> On Sep 11, 2016, at 6:38 AM, Jan Rękorajski <bagg...@pld-linux.org> wrote:
> 
> Done.
> I removed RSA key from the 
> ftp://ftp.pld-linux.org/dists/3.0/PLD-3.0-Th-GPG-key.asc
> file, as we indeed sign only with DSA key.
>


There is also a patch to rpm —verify to disable header signature checks that 
can now be
removed afaik. The original report had related symptoms (the RSA pubkey was used
to verify a DSA signature) here:

    http://pld-devel-en.pld-linux.narkive.com/ZssnN7t4/rpm-va-bad-key-id 
<http://pld-devel-en.pld-linux.narkive.com/ZssnN7t4/rpm-va-bad-key-id>

hth

73 de Jeff

> 
> -- 
> Jan Rękorajski                    | PLD/Linux
> SysAdm | baggins<at>pld-linux.org | http://www.pld-linux.org/
> _______________________________________________
> pld-devel-en mailing list
> pld-devel-en@lists.pld-linux.org
> http://lists.pld-linux.org/mailman/listinfo/pld-devel-en

_______________________________________________
pld-devel-en mailing list
pld-devel-en@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-devel-en

Re: rpm --nosignature reversed meaning

Reply via email to