summaryrefslogtreecommitdiff
path: root/doc/rpmkeys.8
blob: 5f26dc5d0feb6265bcf79f4200856416dfd9f155 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
.TH "RPMKEYS" "8" "29 October 2010" "Red Hat, Inc"
.SH NAME
rpmkeys \- RPM Keyring
.SH SYNOPSIS
.PP

\fBrpmkeys\fR {\fB--import|--checksig\fR}

.SH "DESCRIPTION"
.PP
The general forms of rpm digital signature commands are
.PP

\fBrpmkeys\fR \fB--import\fR \fB\fIPUBKEY\fB\fR\fI ...\fR

\fBrpmkeys\fR {\fB-K|--checksig\fR} \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR

.\" These are not implemented yet...
.\" \fBrpm\fR \fB--list-key[s]\fR \fB\fIKEY_ID\fB\fR\fI ...\fR
.\" 
.\" \fBrpm\fR \fB--delete-key[s]\fR \fB\fIKEY_ID\fB\fR\fI ...\fR
.\" 

.PP
The \fB--checksig\fR option checks all the digests and signatures contained in
\fIPACKAGE_FILE\fR to ensure
the integrity and origin of the package. Note that
signatures are now verified whenever a package is read,
and \fB--checksig\fR is useful to verify
all of the digests and signatures associated with a package.
.PP
Digital signatures cannot be verified without a public key.
An ASCII armored public key can be added to the \fBrpm\fR database
using \fB--import\fR. An imported public key is
carried in a header, and key ring management is performed
exactly like package management. For example, all currently imported
public keys can be displayed by:
.PP
\fBrpm -qa gpg-pubkey*\fR
.PP
Details about a specific public key, when imported, can be displayed
by querying.  Here's information about the Red Hat GPG/DSA key:
.PP
\fBrpm -qi gpg-pubkey-db42a60e\fR
.PP
Finally, public keys can be erased after importing just like
packages. Here's how to remove the Red Hat GPG/DSA key
.PP
\fBrpm -e gpg-pubkey-db42a60e\fR
.PP

.SH "SEE ALSO"
.nf
\fBpopt\fR(3),
\fBrpm\fR(8),
\fBrpmdb\fR(8),
\fBrpmsign\fR(8),
\fBrpm2cpio\fR(8),
\fBrpmbuild\fR(8),
\fBrpmspec\fR(8),
.fi

\fBrpmkeys --help\fR - as rpm supports customizing the options via popt aliases 
it's impossible to guarantee that what's described in the manual matches 
what's available.


\fBhttp://www.rpm.org/ <URL:http://www.rpm.org/>
\fR
.SH "AUTHORS"

.nf
Marc Ewing <marc@redhat.com>
Jeff Johnson <jbj@redhat.com>
Erik Troan <ewt@redhat.com>
Panu Matilainen <pmatilai@redhat.com>
.fi