On 18.01.23 14:35, Marcus Meissner wrote:
We will switch the openSUSE Tumbleweed signing key that signs the repositories and RPMs from 2048bit RSA key to a 4096bit RSA key early next week.
They key is already delivered for several months and in your systems.
What will happen if I try to "zypper dup" a system that had been sitting on a shelf for a year switched off? Will this break badly or will I just have to trust the key manually?