[CentOS] Howto batch sign RPM packages?

Gordon Messmer yinyang at eburg.com
Sat Dec 11 20:43:34 UTC 2010


On 12/10/2010 02:05 AM, John Doe wrote:
> What about: '--passphrase-file file' ?

If you're going to put the key and its passphrase file on the same host, 
you might as well not encrypt the key at all.  You're better off 
encrypting the filesystem that contains the key.

If you decide to use a passphrase file anyway, at least put it on a 
tmpfs so that you have to recreate it every time you reboot.



More information about the CentOS mailing list