Archive

Posts Tagged ‘centos’

Import Missing GPG Keys

January 17th, 2010 No comments

Sometimes when people are using Linux they will find that they come across a simple security check that confirms the authenticity of the RPM/Deb files that they are installing. Every so often the key is missing but that is easy to remedy. Here I will use an example with the YUM install of Adobe Flash:

[root@marine]# ls
adobe-release-i386-1.0-1.noarch.rpm
[root@marine]# yum localinstall adobe-release-i386-1.0-1.noarch.rpm
Loaded plugins: fastestmirror, priorities
Setting up Local Package Process
Examining adobe-release-i386-1.0-1.noarch.rpm: adobe-release-i386-1.0-1.noarch
Marking adobe-release-i386-1.0-1.noarch.rpm to be installed
Loading mirror speeds from cached hostfile
* addons: anorien.csc.warwick.ac.uk
* base: anorien.csc.warwick.ac.uk
* centosplus: anorien.csc.warwick.ac.uk
* contrib: anorien.csc.warwick.ac.uk
* extras: anorien.csc.warwick.ac.uk
* rpmforge: fr2.rpmfind.net
* updates: anorien.csc.warwick.ac.uk
588 packages excluded due to repository priority protections
Resolving Dependencies
--> Running transaction check
---> Package adobe-release-i386.noarch 0:1.0-1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package              Arch     Version Repository                          Size
================================================================================
Installing:
adobe-release-i386   noarch   1.0-1   /adobe-release-i386-1.0-1.noarch   1.9 k

Transaction Summary
================================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)

Total size: 1.9 k
Is this ok [y/N]: y
Downloading Packages:
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID f6777c67

Public key for adobe-release-i386-1.0-1.noarch.rpm is not installed

As you can see it attempted to install but because the key was missing it refused to install. So what do we do to find that key? First we must download the key from somewhere, there is various key servers around the world, some of the most popular are (note hkp is the HTTP keyserver protocol):

  • hkp://subkeys.pgp.net
  • hkp://pgp.mit.edu
  • hkp://keys.gnupg.net
  • hkp://wwwkeys.uk.pgp.net (where UK can be replaced by any country code)

So lets search for the missing key:

[root@marine]# gpg --keyserver hkp://wwwkeys.uk.pgp.net --recv-keys f6777c67
gpg: requesting key F6777C67 from hkp server wwwkeys.uk.pgp.net
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key F6777C67: public key "Adobe Systems Incorporated (Linux RPM
  Signing Key) " imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1

So now we have the key and see that it is indeed Adobe’s key. Now all we need to do is add into RPM:

[root@marine]# gpg --armor --export f6777c67 >tmp-gpg.key
[root@marine]# rpm --import tmp-gpg.key

Simple as that, the install will work now!

This post is a refreshed look at a previous post on the same matter.

Tags: , , , ,

CentOS NetInstall

June 7th, 2009 No comments

I recently reinstalled my CentOS (to upgrade to 5.3) and this time I decided to use a netinstall method. The netinstall can be very useful if you have a local repository of RPM files and even then it can be nice to download a very small ISO (only 8.3Mb).

So here is how you can do it for yourself. If you require to setup any partitioning scheme before hand, I highly recommend Partition Logic as a good run-from-CD partitioning tool. You will also need to download the small CentOS NetInstall ISO.

  • Boot from the ISO
  • Type linux askmethod at the boot prompt
  • Select the required network setup. Normally DHCP is good enough, disable IPv6 unless you plan on using it.
  • Select HTTP as the installation method.
  • If you have a local web server with your RPM’s on it then put in the information there. Otherwise use: mirror.centos.org and centos/5.3/os/i386.
  • Finally start the installation process.

The whole thing should take no more than a couple of hours to complete. This method allows you to quickly start an installation of CentOS without the need to download all 6 of the CD’s or the DVD image.

Tags: ,