[CentOS] OT: YUM, RPM and PGP keys

Mon May 12 12:54:39 UTC 2008
Jason Pyeron <jpyeron at pdinc.us>

> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Ralph Angenendt
> Sent: Monday, May 12, 2008 7:55 AM
> To: centos at centos.org
> Subject: Re: [CentOS] OT: YUM, RPM and PGP keys
> Jason Pyeron wrote:
> > I was just about to ask the same, but for packages I just rolled.
> >
> > Is there a cmd line swith or env var?
> Why not sign packages you roll? It really isn't that hard. RPM does have

It's a throw away project on a throwaway vm instance.

> issues with large keys, though - Key on the top1000 list aren't usable
> :) - I think 64kb is the maximum size.
> And: Setting gpgcheck to 0 in yum.conf should disable global gpg
> checking, you can turn it on for each repository in the .repo files
> under /etc/yum.repos.d/. So the choice of how you shoot yourself in the
> foot with unsigned packages is up to you >:)

But there are no (temporary) options from the command line?

> Cheers,
> Ralph

-                                                               -
- Jason Pyeron                      PD Inc. http://www.pdinc.us -
- Principal Consultant              10 West 24th Street #100    -
- +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
-                                                               -
This message is for the designated recipient only and may contain
privileged, proprietary, or otherwise private information. If you
have received it in error, purge the message from your system and
notify the sender immediately.  Any other use of the email by you
is prohibited.