FC6 clean install - yum missing keys?
Paul Howarth
paul at city-fan.org
Wed Oct 25 08:11:12 UTC 2006
On Tue, 2006-10-24 at 20:48 -0700, Wolfgang S. Rupprecht wrote:
> I just did a FC6/x86_64 clean install. I then tried "yum update" as
> root and it also wanted to load new keys.
>
> # yum update
> ...
> Total download size: 20 M
> Is this ok [y/N]: y
> Downloading Packages:
> warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 4f2a6fd2
> Importing GPG key 0x4F2A6FD2 "Fedora Project <fedora at redhat.com>"
> Is this ok [y/N]: n
>
> Needless to say this rang warning bells. Why would a fresh install
> need to install some previously unknown keys? If they keys are legit,
> shouldn't they have been loaded at the factory (so to speak)???
A cleam install has no public keys in the RPM database.
> The worst aspect of this is that it trains users to blindly press "y"
> when presented with questions that have strong security implications.
> How is the average user supposed to even know if that request is legit
> or not?
A good point but at least it's consistent, in that the official repos
need their keys importing just like a third party repo would.
Paul.
More information about the fedora-list
mailing list