URGENT MESSAGE FOR RED HAT USERS
Bill Horne
bill at horne.net
Sat Aug 30 11:11:35 EDT 2003
----- Original Message -----
From: "Brian Medley" <bpm-list-blu at 4321.tv>
> On Fri, Aug 29, 2003 at 05:24:34PM -0400, Timothy M. Lyons wrote:
>
> > People using up2date should note that they need to download or point to
the
> > appropriate ftp locations and use the manual 'rpm -Fvh' command.
Up2date will
> > fail on a bad certificate.
>
> I believe this will work, as well:
>
> # wget https://rhn.redhat.com/help/RHNS-CA-CERT
> # wget https://rhn.redhat.com/help/RHNS-CA-CERT.asc
> # gpg --import /usr/share/rhn/RPM-GPG-KEY
> # gpg --verify RHNS-CA-CERT.asc RHNS-CA-CERT
> # install -b RHNS-CA-CERT /usr/share/rhn
This worked OK on my 7.3 system, but gave a "bad signature" error on the 7.1
box. The 7.1 box already had the RPM-GPG-KEY on it's keyring, but I had to
import it on the 7.3 box - which shouldn't matter, unless the 7.1 key was
already out of date compared to the one that came with 7.3. Please suggest a
cure.
BTW, RedHat is asking users to verify the packages on their website via MD5
sums.
Bill
More information about the Discuss
mailing list