> > > gpg --keyserver pgp.mit.edu --recv-key GPG_KEY_ID > > gpg -a --export GPG_KEY_ID > /tmp/key && sudo rpm --import /tmp/key && > > rm /tmp/key > > > > and now rpm -qa gpg-pubkey* reports a bunch of keys. > > > > However, rpm --checksig still fails. Why? > > Confusing, I know. It works if you use rpm instead of gpg to import the > keys. > > rpm --import /usr/share/doc/fedora-release-1/RPM-GPG-KEY > rpm --import /usr/share/doc/fedora-release-1/RPM-GPG-KEY-fedora Actually, I AM importing into rpm, it's just all strung into one command. Turns our there's a bug in rpm :) Aleksey's note helped with that. > Known bug. > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=68290 > > Have a look at the man page of rpm. Use --allmatches to remove all > duplicates of a key at once. This is what I needed for this problem. Thanks. These bugs should be fixed! --erik
