User: Password:
|
|
Subscribe / Log in / New account

Fedora distributes new keys

Fedora distributes new keys

Posted Sep 10, 2008 21:32 UTC (Wed) by leoc (subscriber, #39773)
Parent article: Fedora distributes new keys

When you do the update it will ask you if it is ok to import the new key before it performs the update, so I don't think that manual step is actually required.


(Log in to post comments)

Fedora distributes new keys

Posted Sep 11, 2008 16:15 UTC (Thu) by jake (editor, #205) [Link]

> When you do the update it will ask you if it is ok to import the new key
> before it performs the update, so I don't think that manual step is
> actually required.

It definitely does ask if you want to import the new key. If you want to be sure the key it is asking you to import is the actual key that Fedora issued, you have to verify that for yourself. Thus the manual step.

jake

Fedora distributes new keys

Posted Sep 11, 2008 16:25 UTC (Thu) by skvidal (guest, #3094) [Link]

If you run yum with the -y it will import the key automatically. This is so that cron jobs don't start stalling out everywhere.

This isn't a new feature, it's been that way in yum for a looooong time now.

Fedora distributes new keys

Posted Sep 11, 2008 16:34 UTC (Thu) by jake (editor, #205) [Link]

> If you run yum with the -y it will import the key automatically.

Fine, but that still doesn't verify that the key it is trying to import is the key you are wanting to import. In order to verify that (i.e. check the key signature), the manual step is required.

Since package signing keys were part of whatever the "infrastructure issues" were, it would seem prudent to verify them before importing them.

jake

Fedora distributes new keys

Posted Sep 11, 2008 16:39 UTC (Thu) by skvidal (guest, #3094) [Link]

Agreed. It is a great idea. I suggest verifying keys to everyone. I just wanted to be clear that it wasn't REQUIRED in any code sense.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds