> Package libuser-0.54.7-2.1.el5_5.2.x86_64.rpm is not signed You could use --nogpgcheck but this is really weird that some packages are not signed. It may mean that the package is not from the trusted source, so you should not use --nogpgcheck on a "serious" environment.