Where Can I Find The CentOS Gpg Keys?
Hi!
I’m currently using a non-CentOS system, and wondering where I can find the GPG keys so I can verify the checksum file?
The page on the website (https://www.CentOS.org/keys/) only give information where I can find them on an already installed system.
Regards, Albin
6 thoughts on - Where Can I Find The CentOS Gpg Keys?
repository gpg can be found in
/etc/pki/rpm-gpg/
read the repo file(s) in
/etc/yum.repos.d/
cat /etc/yum.repos.d/CentOS-Base.repo
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS
updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever – Base mirrorlist=http://mirrorlist.CentOS.org/?release=$releasever&arch=
$basearch&repo=os&infra=$infra
#baseurl=http://mirror.CentOS.org/CentOS/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Am Donnerstag, den 28.04.2016, 20:50 +0200 schrieb Albin Otterhäll:
You can find the keys in the top directory of any CentOS mirror e.g. http://mirror.CentOS.org/CentOS/
Apparently I wasn’t clear enough. I’m using Arch Linux (i.e. I haven’t access to the gpg key that comes with an installation) and would like to verify the ISO I’ve downloaded. To-do that I need the key used to sign the “sha256sum.txt.asc” file.
I need to import the CentOS Release 7 (and maybe additional keys) from a keyserver or download the keyfile to be able do that.
Regards, Albin
Thank for helping me out!
Open up a browser and go to:
The GPG keys used to sign the RPM packages are in that directory. That may also be the key used to sign the checksum files. Here;s what I did on my system to check:
The bit that says “Good signature” seems to indicate that it was OK.
Hope that answers your question!
Am 28.04.2016 um 21:29 schrieb Albin Otterh