On Fri, Jun 18, 2004 at 09:12:48AM -0700, Jesse Keating wrote: > On Friday 18 June 2004 09:09, Jon Peatfield wrote: > > and the --checksig -v *still* shows that keyid 5178e2a5 is unknown. > > > > What am I doing wrong? Should I get the public key some other way? > > Try importing it into root's key, or whoever you're running rpm as. No, that was the case for RH 7.x, he is using RH9. I'm not sure why that happened, but I guess that signature you got from mit is signed, and that's a know problem. However you shouldn't need to do that: 1. You can check that the srpm is the same by verifying the sha1sum in the signed message (and verifying the signature of that message containing the sha1sum). 2. I wouldn't import any individual keys to the rpm db just to check that, maybe I'm too paranoid :) 3. When the rpm is released it will be signed with the Fedora Legacy Key, and as long as that works you're ok. Carlos -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
