verifying rpms - public key not found
cpollock at embarqmail.com
Fri Jul 3 16:02:19 CEST 2009
On Fri, 2009-07-03 at 09:57 +0200, Michel Messerschmidt wrote:
> On Fri, July 3, 2009 07:21, Daniel Kahn Gillmor wrote:
> > On 07/03/2009 12:04 AM, Chris wrote:
> >> [chris at localhost ~]$ gpg
> >> --check-sig /home/chris/ClamStuff/clamav-0.94.1-0.1.101mdk.i586.rpm
> >> gpg: using PGP trust model
> >> gpg: key 98E6705C: accepted as trusted key
> >> gpg: error reading key: public key not found
> > You're probably interested in something like gpg --verify, but i don't
> > know exactly how signed .rpms work (i work with .debs mostly, which have
> > external signatures), so hopefully someone else can pipe up with the
> > specifics.
> rpm provides its own verification command:
> rpm -v --checksig <rpm-file>
> It won't succeed though if your key is only available in the gnupg keyring
> but was not imported into the rpm database - that's what the "rpm --import"
> command is used for).
Thank you Michel, I was using the wrong command.
[chris at localhost ~]$ rpm -v
Header V4 DSA signature: OK, key ID 98e6705c
Header SHA1 digest: OK (bb1fc6b767ada68c62ee0c077aa44ccebfe0813d)
MD5 digest: OK (90f2920ee1c6855c8657928d31a2dacd)
V4 DSA signature: OK, key ID 98e6705c
And now I see that when trying to sign an rpm I get:
[chris at localhost ~]$ rpmbuild -bs -v
Enter pass phrase:
gpg: skipped "Chris Pollock (New email address as of 04/21/07)
<cpollock at embarqmail.com>": secret key not available
gpg: signing failed: secret key not available
Pass phrase check failed
I'm confused now as to why it says this, --list-keys shows this:
[chris at localhost ~]$ gpg --list-keys cpollock at embarqmail.com
gpg: using character set `utf-8'
gpg: using PGP trust model
gpg: key 98E6705C: accepted as trusted key
pub 1024D/98E6705C 2005-11-23
uid Chris Pollock (New email address as of 04/21/07)
<cpollock at embarqmail.com>
uid Chris Pollock <cpollock at earthlink.net>
sub 2048g/F5604046 2005-11-23
Thought I'd re-import my secret key and get this:
gpg: sec 1024D/98E6705C 2005-11-23 Chris Pollock
<cpollock at earthlink.net>
gpg: key 98E6705C: already in secret keyring
gpg: Total number processed: 1
gpg: secret keys read: 1
gpg: secret keys unchanged: 1
Why is my old email address still shown?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: This is a digitally signed message part
More information about the Gnupg-users