[CentOS] Howto batch sign RPM packages?

Sat Dec 11 20:43:34 UTC 2010
Gordon Messmer <yinyang at eburg.com>

On 12/10/2010 02:05 AM, John Doe wrote:
> What about: '--passphrase-file file' ?

If you're going to put the key and its passphrase file on the same host, 
you might as well not encrypt the key at all.  You're better off 
encrypting the filesystem that contains the key.

If you decide to use a passphrase file anyway, at least put it on a 
tmpfs so that you have to recreate it every time you reboot.