Mailinglist Archive: opensuse (769 mails)

< Previous Next >
Re: [opensuse] Reliable source for extra and home repository keys?
On Die, 2016-05-17 at 10:53 +0200, Marcus Meissner wrote:
On Tue, May 17, 2016 at 10:39:48AM +0200, Bjoern Voigt wrote:
Is there a reliable source for verifying the PGP keys for extra and
home
repositories of the openSUSE build service?

Not all keys can be found in the public key servers (like
https://sks-keyservers.net/i/). Where else can I find them all?

You could download them from the OBS api directly over https.

e.g. like:

osc signkey home:msmeissn > msmeissn.asc

This is interesting.
When I retrieve the key for my own home project and import into GPG I
get:

$ gpg --import home\:oreinert.asc
gpg: key F8D5B628: public key "home:oreinert OBS Project <home:
oreinert@xxxxxxxxxxxxxxxxxx>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg: no ultimately trusted keys found

So, the next question becomes:
What is the ultimate trusted key, and how do I get it?

Regards,
Olav

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups