Using gpg with rpm

James H. Cloos Jr. cloos at
Tue Dec 29 15:18:45 CET 1998

Hash: SHA1

>>>>> "Rat" == Stainless Steel Rat <ratinox at> writes:

Rat> rpm uses whatever version of PGP is available.  One should be
Rat> able to use any version of PGP that groks PGP 2.6.x command line
Rat> arguments, which means GPG should be an easy drop-in replacement.
Rat> Red Hat RPMs have RSA signatures because of the version of PGP
Rat> they use.

(My comments are based on the current cvs src for rpm, if it makes any

gpg does not support, in my tests, the options rpm uses when it calls
pgp.  +myname, +batchmode, +verbose, +armor and -f must be translated;
getenv("PGPPASSFD") must be translated to --pashphrase-fd.  In the
case of a verify, gpg requires --verify where rpm passes nothing.

While I would prefer to see rpm updated to call gpg directly, and rpm
users to only sign with gpg generated key pairs, we are not there yet;
backward compatability is still necessary.  Especially until RHCN can
handle non RSA keys for sigs.

Making the installation of pgp unnecessary is at least a step in the
right direction.

- -JimC
- --
mJames H. Cloos, Jr.       <>
<cloos at>      E9E9 F828 61A4 6EA9 0F2B  63E7 997A 9F17 ED7D AEA6

Version: GnuPG v0.9.0 (GNU/Linux)
Comment: For info see


More information about the Gnupg-devel mailing list