el5 package install

Joe Saunders joesaunders88 at gmail.com
Mon Jun 10 14:18:49 UTC 2013 

Hello Kevin,

Sorry for the late reply. I researched packages from rpm.pbone.net,
rpmfind, and looked at source itself on sourceforge. Before all of that I
tried just getting what I would need from yum based on the repos available
to my install but only the fuse packages were there. This is current
patched Red Hat 5.8 machine. The package below is from rpmfind I believe.

I was reading this on redhat.access about rpm and nogpg and the md5 stuff.
MD5 did check out.

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/3/html/System_Administration_Guide/s1-check-rpm-sig.html

This is what happens when I do
# rpm -Kv fuse-sshfs-2.4-1.el5.x86_64.rpm
fuse-sshfs-2.4-1.el5.x86_64.rpm:
    Header V4 DSA signature: NOKEY, key ID 217521f6
    Header SHA1 digest: OK (f0aa1cd352a8d030d26c59ac591b549637d7e5ee)
    MD5 digest: OK (d586361e35197f7c4121da13b6439dcd)
    V4 DSA signature: NOKEY, key ID 217521f6

So I am confused. MD5 and SHA are ok, but it complains about the gpg key.
Yet all of the guides I have read so far and have pointed me in a certain
direction to obtain a key have not worked out.

I guess my true question(s) is if if two out of three check out the package
is legit and my only fail is I do not have a valid gpg to check against?
Also where to obtain the key, really? I have hit too many dead ends so far.

Thanks,
Joe



Thanks,
Joe


On Fri, Jun 7, 2013 at 6:33 PM, Kevin Fenzi <kevin at scrye.com> wrote:

> On Fri, 7 Jun 2013 11:09:14 -0400
> Joe Saunders <joesaunders88 at gmail.com> wrote:
>
> > Hello all,
> >
> > I have a question about gpgcheck for a package downloaded locally and
> > was trying to install on a RHEL5 system. When doing a yum install or
> > local install it fails with:
> >
> > warning: rpmts_HdrFromFdno: Header V4 DSA signature: NOKEY, key ID
> > 217521f6
> >
> > Public key for fuse-sshfs-2.4-1.el5.x86_64.rpm is not installed
> >
> > and when manually run gpgcheck against it, it passes md5 and sha but
> > fails on the DSA sure enough.
> >
> > My questions is, I spent a lot of time trying to figure out where to
> > download the signature keys from and it's still not apparent. IS
> > there an easier way?
>
> Well, where did you get the package from? EPEL?
>
> If so, you can just install the epel-release package and it has the
> keys in it, and yum will offer to install them for you.
>
> > I know this is probably not the best place to post this question, but
> > that too is not apparent. So my apologies in advance.
>
> Well, I guess it depends on where you got the package from. You should
> ask in the forum for that place whatever it is. ;)
>
> kevin
>
> _______________________________________________
> infrastructure mailing list
> infrastructure at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/infrastructure
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20130610/fc1c079b/attachment.html>

More information about the infrastructure mailing list