Mailinglist Archive: opensuse (769 mails)

< Previous Next >
Re: [opensuse] Reliable source for extra and home repository keys?
On Die, 2016-05-17 at 10:53 +0200, Marcus Meissner wrote:
On Tue, May 17, 2016 at 10:39:48AM +0200, Bjoern Voigt wrote:
Is there a reliable source for verifying the PGP keys for extra and
repositories of the openSUSE build service?

Not all keys can be found in the public key servers (like Where else can I find them all?

You could download them from the OBS api directly over https.

e.g. like:

osc signkey home:msmeissn > msmeissn.asc

This is interesting.
When I retrieve the key for my own home project and import into GPG I

$ gpg --import home\:oreinert.asc
gpg: key F8D5B628: public key "home:oreinert OBS Project <home:
oreinert@xxxxxxxxxxxxxxxxxx>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg: no ultimately trusted keys found

So, the next question becomes:
What is the ultimate trusted key, and how do I get it?


To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups