[Spacewalk-list] GPG keys for CentOS channels in Spacewalk
Stefan Bluhm
redhat.com at bluhm-de.com
Wed Mar 4 10:28:53 UTC 2020
Hi Chen,
to clarify a bit more:
> does this mean that for each package downloaded from Spacewalk onto the Client, it is being signed by CentOS
The signing is not happening when you download the file from Spacewalk. The signing has happened before it was uploaded to the source repository (i.e. Signing happens --> Uploaded to public repository --> Spacewalk syncs the public repository down --> package is pushed to client --> client verifies the signature.
Best wishes,
Stefan
----- Ursprüngliche Mail -----
Von: "Michael Mraka" <michael.mraka at redhat.com>
An: "spacewalk-list" <spacewalk-list at redhat.com>
Gesendet: Mittwoch, 4. März 2020 10:39:28
Betreff: Re: [Spacewalk-list] GPG keys for CentOS channels in Spacewalk
Wenkai Chen:
> HI Stefan,
>
> If the GPG check is done on the client side for the Spacewalk channel, does this mean that for each package downloaded from Spacewalk onto the Client, it is being signed by CentOS and that the client will use the GPG public key on its local file location to verify its integrity?
Yes, unless you've explicitly disabled gpg checking in yum/dnf.
--
Michael Mráka
System Management Engineering, Red Hat
_______________________________________________
Spacewalk-list mailing list
Spacewalk-list at redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list
More information about the Spacewalk-list
mailing list