On Freitag, 30. Januar 2015, 08:41:57 wrote Nick Walter:
Hi, hoping somebody on the list can help me with a problem I'm trying to solve.
I am currently using OBS to build RPMs for a variety of architectures I need to support. However, I also have some RPMs that are built by Jenkins. Ideally, I would like to be able to have the packages built by Jenkins signed using the private GPG key in use under OBS and collect them under a single YUM repo. I have found what I believe to be the signing (private GPG) key on OBS:
/obs/projects/<my-project>/_signkey
However, it is not in the format I expected (i.e. with a '-----BEGIN PGP PRIVATE KEY BLOCK-----' header followed by a chunk of base64; it is simply a long string of hexadecimal chars. So, this has left me with two questions:
1. Is this indeed the OBS key used to sign my RPMs under this project?
yes, but it is encrypted itself with the OBS master key. (allows to keep the master key on a special protected system, but you can still backup the backend server with the keys).
2. If so, how can I export this _signkey to a GPG format I can use with rpm --addsign?
decrypt it with your instance master key -- Adrian Schroeter email: adrian@suse.de SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Jennifer Guild, Dilip Upmanyu, Graham Norton, HRB 21284 (AG Nürnberg) Maxfeldstraße 5 90409 Nürnberg Germany -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org