The Fedora website http://fedora.redhat.com/About/security/ mentions Fedora builds are automatically signed. How is this done? rpm --addsign requires user input and is not gpg-aware http://lists.gnupg.org/pipermail/gnupg-users/2004-January/021302.html