On Wed, Sep 20, 2006 at 02:12:01PM +0100, Ian Grant wrote:
Dear SUSE types,
How, using the command line, can I add a trusted key that rug/yast will use to verify signed ZYPP repositories?
I am trying to add ZYPP repositories in an autoinstall script. (I can do it manually using YaST 'Installation Sources' and it asks me if I want to trust the key used to sign the repository. But I don't want to have to do this manually on every machine.)
The repository is one I have created myself using createrepo and signed as described here:
http://en.opensuse.org/Secure_Installation_Sources#The_.22repomd.22_or_.22YU...
To sign the repository I 'cd' to the top-level directory and ran
gpg -a -u rpm-packager --detach-sign repodata/repomd.xml gpg -a --export rpm-packager > repodata/repomd.xml.key
So I have the key in repodata/repomd.xml.key
On the new machine (in an autoyast post-init script) I want to add the key to the rug keyring. I have tried
gpg --homedir /root/.gnupg \ --import repodata/repomd.xml.key
to add it to root's keyring, and I have tried adding the key to the zmd whitelist using
rug ka packager 68C0D40964D6D632 "6E55 E6C6 8A0D 5557 C10D 571B 68C0 D409 64D6 D632"
Use: rpm --import repodata/repomd.xml.key Ciao, Marcus --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org