[CentOS] OT: YUM, RPM and PGP keys

Mon May 12 11:55:25 UTC 2008
Ralph Angenendt <ra+centos at br-online.de>

Jason Pyeron wrote:
> I was just about to ask the same, but for packages I just rolled.
> 
> Is there a cmd line swith or env var?

Why not sign packages you roll? It really isn't that hard. RPM does have
issues with large keys, though - Key on the top1000 list aren't usable
:) - I think 64kb is the maximum size.

And: Setting gpgcheck to 0 in yum.conf should disable global gpg
checking, you can turn it on for each repository in the .repo files
under /etc/yum.repos.d/. So the choice of how you shoot yourself in the
foot with unsigned packages is up to you >:)
Cheers,

Ralph
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20080512/9e0828ec/attachment-0005.sig>