Leap 15.3 and new update repositories

Hello all,

I just set up a 15.3 test machine from scratch. Yesterday installing updates via 'zypper dup' gave me a new repo key to accept and new repos (see below).

That raised two questions:

o How can I verify the newly introduced key? In terms of crypto usability it doesn't seem like an ideal approach to introduce new trust anchors (i.e. new repo keys) w/o clearly documenting how to verify that it is actually legitimate.

o Do I need the new update repos (repo-backports-update, repo-sle-update)? And if so, what's the difference to the previous update repos? Before the update there were only repo-update and repo-update-non-oss.

leap153:~ # zypper up
Retrieving repository 'Update repository of openSUSE Backports' metadata -----------------------------------------[\]

New repository or package signing key received:

  Repository:       Update repository of openSUSE Backports
  Key Name:         openSUSE:Backports OBS Project <openSUSE:Backports@build.opensuse.org>
  Key Fingerprint:  637B32FF 3D83F07A 7AE1C40A 9C214D40 65176565
  Key Created:      Wed Oct 2 15:17:53 2019
  Key Expires:      Fri Dec 10 14:17:53 2021
  Rpm Name:         gpg-pubkey-65176565-5d94a381

user@leap153:~> zypper lr
# | Alias | Name | Enabled | GPG Check | Refresh
---+-----------------------------+---------------------------------------------------------------------------------------------+-----------+-----------------+---------------
[...]
3 | repo-backports-debug-update | Update repository with updates for openSUSE Leap debuginfo packages from openSUSE Backports | Nein | ---- | ----
4 | repo-backports-update | Update repository of openSUSE Backports | Nein | ---- | ----
5 | repo-debug | Debug Repository | Nein | ---- | ----
6 | repo-debug-non-oss | Debug Repository (Non-OSS) | Nein | ---- | ----
7 | repo-debug-update | Update Repository (Debug) | Nein | ---- | ----
8 | repo-debug-update-non-oss | Update Repository (Debug, Non-OSS) | Nein | ---- | ----
9 | repo-non-oss | Non-OSS Repository | Ja | (r ) Ja | Ja
10 | repo-oss | Haupt-Repository | Ja | (r ) Ja | Ja
11 | repo-sle-update | Update repository with updates from SUSE Linux Enterprise 15 | Nein | ---- | ----
12 | repo-source | Source Repository | Nein | ---- | ----
13 | repo-source-non-oss | Source Repository (Non-OSS) | Nein | ---- | ----
14 | repo-update | Hauptaktualisierungs-Repository | Ja | (r ) Ja | Ja
15 | repo-update-non-oss | Aktualisierungs-Repository (Nicht-Open-Source-Software) | Ja | (r ) Ja | Ja

Thanks and regards -- Till

--
Dipl.-Inform. Till Dörges doerges@pre-sense.de
PRESENSE Technologies GmbH Nagelsweg 41, D-20097 HH
Geschäftsführer/Managing Directors AG Hamburg, HRB 107844
Till Dörges, Jürgen Sander USt-IdNr.: DE263765024

Feel free to visit us on the digital platform it-sa 365: https://www.itsa365.de/de-de/companies/p/presense-technologies-gmbh

On 03/06/2021 08.56, Till Dörges wrote:
> (see below).
> That raised two questions:
> ...

<https://doc.opensuse.org/release-notes/x86_64/openSUSE/Leap/15.3/>

1.1 openSUSE Leap now has three update repositories

--
Cheers / Saludos,
Carlos E. R.
(from 15.2 x86_64 at Telcontar)

On 03.06.21 at 09:34, Carlos E. R. wrote:

Thanks. So that's a "yes, one *must* have those". ;-)

On 03.06.21 at 08:56, Till Dörges wrote:

I did not find any way to verify that gpg-pubkey-65176565-5d94a381 indeed is a key to be trusted. Mentioned that here:

https://bugzilla.opensuse.org/show_bug.cgi?id=1186593

Regards -- Till
