When doing an up2date, I get a warning about GPG not signed
BFD
bfd at pcisys.net
Mon Oct 20 13:03:53 UTC 2003
Williams Jr, Ernest L. wrote:
> Does anyone else get a warning about the packages not being signed
> with GPG??
> This is potentially dangerous, right? Should I not proceed with the
> up2dates.
>
Apparently, from articles in the archives, not all the rawhide packages
are signed, so this warning may occur.
To decrease the number of warnings for those packages that are signed,
try this:
Install the rawhide key by doing
'up2date -u fedora-release'
after subscribing to the updates channel, and then
'rpm --import /usr/share/doc/fedora-release-0.95/RPM-GPG-KEY-rawhide'.
By doing this, I reduced my warning messages by about 90%.
You can also disable GPG signature checking by running as root
up2date --config
and selecting the Retrieval/Installation tab, then unchecking the "Use
GPG to verify package integrity" box.
This choice should be used as last resort for security reasons.
BFD
More information about the fedora-list
mailing list