11

I've ran into this for dnf only, but I assume it's the same for yum. I can't find any explanations on how this is supposed to work.

One can set repo_gpgcheck=1 in repository config file. So dnf is now supposed to check the signature of the repository data itself. I assume it still uses the gpgkey value from the repository config file.

How can I import that key into whatever key repository that dnf/yum are using to do the key check? I'm stuck with "Importing GPG key..." prompt every time the repository signature is validated, and there is no reason for me to not add a key as a trusted key. The keys imported by RPM do not work, I assume a different repository is checked for keys that can sign the repositories.

Improve this question
1

1 Answer 1

Reset to default
7

Using

rpm --import <YOUR_PUBKEY_PATH_HERE>

Source.

Improve this answer
4
  • 6
    This is for packages, not repositories, my question is specifically about repositories. Keys imported with RPM have no effect when DNF/YUM check repository signatures. Commented Oct 2, 2018 at 20:11
  • For me? on CentOS 8 it work for dnf. So look like it share keys with rpm. Commented Feb 28, 2020 at 0:38
  • 3
    No, it doesn't always share keys with rpm. I have already done this: rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-remi.el8 and yet when I do this: dnf search php I get prompted to import key /etc/pki/rpm-gpg/RPM-GPG-KEY-remi.el8 Commented Aug 12, 2021 at 18:11
  • If you are behind a proxy you need to use the --httpproxy and --httpport variables. E.g. sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc --httpproxy localhost --httpport 3128. rpm-software-management.github.io/rpm/man/… Commented Sep 5, 2022 at 9:32

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.