Mailinglist Archive: opensuse-security (485 mails)

< Previous Next >
Re: [suse-security] problems signing rpms
  • From: Robert Schiele <rschiele@xxxxxxxxxxxxxxx>
  • Date: Fri, 5 Mar 2004 10:25:28 +0100
  • Message-id: <20040305092528.GB28869@xxxxxxxxxxxxxxxxxx>
On Fri, Mar 05, 2004 at 10:08:10AM +0100, Rainer Lay wrote:
> Hi,
>
> whem I am signing rpms, the signed seems to be not OK:
> >faui6r [rpm-rainer/SRPMS] 46% rpm -K
> >/tmp/rpm-rainer/RPMS/i586/iftop-0.16-0.pm.1.i586.rpm
> >/tmp/rpm-rainer/RPMS/i586/iftop-0.16-0.pm.1.i586.rpm: sha1 md5 OK
> >faui6r [rpm-rainer/SRPMS] 47% rpm --addsign
> >/tmp/rpm-rainer/RPMS/i586/iftop-0.16-0.pm.1.i586.rpm
> >Enter pass phrase:
> >Das Passwort ist richtig.
> >/tmp/rpm-rainer/RPMS/i586/iftop-0.16-0.pm.1.i586.rpm:
> >faui6r [rpm-rainer/SRPMS] 48% rpm -K
> >/tmp/rpm-rainer/RPMS/i586/iftop-0.16-0.pm.1.i586.rpm
> >/tmp/rpm-rainer/RPMS/i586/iftop-0.16-0.pm.1.i586.rpm: (SHA1) DSA sha1 md5
> >GPG NOT OK
>
>
> Whats wrong?
> My key ID is 0xCD3140CD
> This key is imported with
> rpm --import rainer.asc
>
> rpm is version rpm-4.1.1-71
>
> Any hints?

RPM also had problems with my key. It did not issue any errors or warnings on
importing it, but could not handle it. It didn't even get the key id right.
After some investigation of the problem I found that it was confused by some
subpackages in my key. Thus I built a version of my public key that only
included the key itself, the primary uid and one self signature. This short
version of my public key made rpm happy.

What is "rpm -qa 'gpg-pubkey-*'" telling you? Did it get your key id right?

Robert

--
Robert Schiele Tel.: +49-621-181-2517
Dipl.-Wirtsch.informatiker mailto:rschiele@xxxxxxxxxxxxxxx
< Previous Next >
Follow Ups
References