(1)列出keys
# gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub 2048R/98681A63 2014-07-15
uid yinye (yinye's key) <hustcat@gmail.com>
sub 2048R/5A1B2B28 2014-07-15
(2)匯出public key
這樣,別人就可以匯入,然後驗證你簽名的rpm package了。
# gpg --export --armor hustcat@gmail.com > yy.asc
(3)備份private key
# gpg --export-secret-keys --armor hustcat@gmail.com > yy_private.asc
(4)檢查rpm包的簽名
# rpm -K ceph-deploy-1.5.9-0.noarch.rpm
ceph-deploy-1.5.9-0.noarch.rpm: RSA sha1 ((MD5) PGP) md5 NOT OK (MISSING KEYS: (MD5) PGP#98681a63)
檢查rpm包的完整性(下載過程中是否損壞)
# rpm -K --nosignature ceph-deploy-1.5.9-0.noarch.rpm
ceph-deploy-1.5.9-0.noarch.rpm: sha1 md5 OK
(5)匯入public key
rpm --import 'https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc'
(6)列出public key
# rpm -qa gpg-pubkey*
gpg-pubkey-03c3951a-51149b56
gpg-pubkey-baadae52-49beffa4
gpg-pubkey-c105b9de-4e0fd3a3
gpg-pubkey-17ed316d-4fb96ee8
gpg-pubkey-0608b895-4bd22942
# rpm -qa gpg-pubkey* --qf "%{name}-%{version}-%{release}-%{summary}\n"
gpg-pubkey-03c3951a-51149b56-gpg(Ceph automated package build (Ceph automated package build) <sage@newdream.net>)
gpg-pubkey-baadae52-49beffa4-gpg(elrepo.org (RPM Signing Key for elrepo.org) <secure@elrepo.org>)
gpg-pubkey-c105b9de-4e0fd3a3-gpg(CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>)
gpg-pubkey-17ed316d-4fb96ee8-gpg(Ceph Release Key <sage@newdream.net>)
gpg-pubkey-0608b895-4bd22942-gpg(EPEL (6) <epel@fedoraproject.org>)
(7)檢視public key的詳細資訊
# rpm -qi gpg-pubkey-03c3951a-51149b56
主要參考
作者:YY哥
出處:http://www.cnblogs.com/hustcat/
本文版權歸作者和部落格園共有,歡迎轉載,但未經作者同意必須保留此段宣告,且在文章頁面明顯位置給出原文連線,否則保留追究法律責任的權利。