1RPMKEYS(8) System Manager's Manual RPMKEYS(8)
2
6 rpmkeys - RPM Keyring
7
9 rpmkeys {--import|--checksig}
10
13 The general forms of rpm digital signature commands are
14 rpmkeys --import PUBKEY ...
16 rpmkeys {-K|--checksig} PACKAGE_FILE ...
18 The --checksig option checks all the digests and signatures contained
22 in PACKAGE_FILE to ensure the integrity and origin of the package. Note
23 that signatures are now verified whenever a package is read, and
24 --checksig is useful to verify all of the digests and signatures asso‐
25 ciated with a package.
26 Digital signatures cannot be verified without a public key. An ASCII
28 armored public key can be added to the rpm database using --import. An
29 imported public key is carried in a header, and key ring management is
30 performed exactly like package management. For example, all currently
31 imported public keys can be displayed by:
32 rpm -qa gpg-pubkey*
34 Details about a specific public key, when imported, can be displayed by
36 querying. Here's information about the Red Hat GPG/DSA key:
37 rpm -qi gpg-pubkey-db42a60e
39 Finally, public keys can be erased after importing just like packages.
41 Here's how to remove the Red Hat GPG/DSA key
42 rpm -e gpg-pubkey-db42a60e
44
46 popt(3),
47 rpm(8),
48 rpmdb(8),
49 rpmsign(8),
50 rpm2cpio(8),
51 rpmbuild(8),
52 rpmspec(8),
53 rpmkeys --help - as rpm supports customizing the options via popt
55 aliases it's impossible to guarantee that what's described in the man‐
56 ual matches what's available.
57 http://www.rpm.org/ <URL:http://www.rpm.org/>
60
62 Marc Ewing <marc@redhat.com>
63 Jeff Johnson <jbj@redhat.com>
64 Erik Troan <ewt@redhat.com>
65 Panu Matilainen <pmatilai@redhat.com>
66Red Hat, Inc 29 October 2010 RPMKEYS(8)