Re: signing RPMs without a passphrase?

On Oct 9, 2008, at 12:46 PM, Lev Lvovsky wrote:

Jeff,

On Oct 7, 2008, at 5:16 PM, Jeff Johnson wrote:

Well 2004 was a long time ago. Times have changed too ...

FWIW, rpm-5 uses keyutils to store passphrases.

Which means that it's possible to use keyutils to manage
a persistent session pass phrase, loaded before rpm is invoked,
and the passphrase will be passed to gpg for signing packages.

But you can attempt signing without a pass phrase if you want to.

In my excitement, I assumed a bit too much about the system that you've described - from the following rpm-devel thread:

http://rpm5.org/community/rpm-devel/1440.html

It looks like this implementation has been discussed, but I've not found any documentation on how to actually use it - is there any out there?


There's not much from an rpm POV to document.

The entire implementation is in rpmio/rpmku.c if interested.

If you are interested in a persistent session key, then you
need this configuration
	%_keyutils_keyring session
iirc.

Then use keyutils utilities to load the GPG password
into the keyutils retrieval token
	rpm:passwd

And it's up to the user to protect their keyutils session keyring
through whatever means they choose.

73 de Jeff

you need to change this macro:

thanks,
-lev

_______________________________________________
Rpm-list mailing list
Rpm-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/rpm-list
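
The procedure described in the reply above, as an added example that is not part of the original thread or of rpm itself. The key type `user`, the `~/.rpmmacros` location and the 900-second default lifetime are assumptions; `rpm:passwd` and `%_keyutils_keyring session` come from the message.

```shell
#!/bin/sh
# Added example. From the message: token "rpm:passwd", macro "%_keyutils_keyring session".
# Assumptions: key type "user", macro file ~/.rpmmacros, 900 s default lifetime.
KEY_TYPE=user
KEY_DESC=rpm:passwd

# Make sure the macro that selects the session keyring is present.
ensure_keyring_macro() {
    f=${1:-$HOME/.rpmmacros}
    grep -q '^%_keyutils_keyring[[:space:]]' "$f" 2>/dev/null ||
        printf '%%_keyutils_keyring session\n' >> "$f"
}

# Read the passphrase from stdin and store it in the session keyring (@s).
# It is piped to "keyctl padd", so it never appears in argv or on disk.
# $1 = lifetime in seconds. Prints the new key id.
load_rpm_passphrase() {
    ttl=${1:-900}
    if [ -t 0 ]; then
        printf 'GPG passphrase: ' >&2
        stty -echo
        IFS= read -r pass || true
        stty echo
        printf '\n' >&2
    else
        IFS= read -r pass || true
    fi
    [ -n "$pass" ] || { echo "empty passphrase, nothing stored" >&2; return 1; }
    id=$(printf '%s' "$pass" | keyctl padd "$KEY_TYPE" "$KEY_DESC" @s) || return 1
    pass=
    # Possessor-only permissions: no user/group/other access to the key.
    keyctl setperm "$id" 0x3f000000 || return 1
    # Let the kernel discard the secret once the signing window is over.
    keyctl timeout "$id" "$ttl" || return 1
    printf '%s\n' "$id"
}

# Remove the passphrase as soon as signing is finished.
drop_rpm_passphrase() {
    id=$(keyctl search @s "$KEY_TYPE" "$KEY_DESC") || return 0
    keyctl unlink "$id" @s
}
```

Call `load_rpm_passphrase` in the same login session that will run the signing command, and `drop_rpm_passphrase` afterwards; `keyctl show @s` lists what the session keyring currently holds.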
