签名的键在哪里?
签名的键在哪里?
提问于 2014-11-19 20:26:12
在http://yum.neo4j.org/,有使用yum的说明,首先从http://debian.neo4j.org/neotechnology.gpg.key安装一个公钥。安装该密钥后,RPM将其显示为已安装,
bash$ rpm -qa gpg-pubkey'*'
gpg-pubkey-c105b9de-4e0fd3a3
gpg-pubkey-01182252-544ee144
bash$ rpm -qi `rpm -qa gpg-pubkey'*' | sed 1d` | sed /BEGIN/q
Name : gpg-pubkey Relocations: (not relocatable)
Version : 01182252 Vendor: (none)
Release : 544ee144 Build Date: Wed 19 Nov 2014 02:08:02 PM UTC
Install Date: Wed 19 Nov 2014 02:08:02 PM UTC Build Host: localhost
Group : Public Keys Source RPM: (none)
Size : 0 License: pubkey
Signature : (none)
Summary : gpg(Neo Technology Admins <admins@neotechnology.com>)
Description :
-----BEGIN PGP PUBLIC KEY BLOCK-----
bash$..。但是,yum获得的RPM不会在打开签名检查的情况下安装。它似乎想要的不是键01182252,而是键2dc499c3:
bash$ sudo yum install -y neo4j 2>&1 | tail
================================================================================
Install 1 Package(s)
Total size: 40 M
Installed size: 45 M
Downloading Packages:
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID 2dc499c3: NOKEY
Public key for neo4j-2.1.5-1.noarch.rpm is not installed
bash$可以忽略debian.neo4j.org上的密钥,而查询gnupg的默认密钥服务器:
bash$ gpg --recv-keys 2dc499c3
gpg: requesting key 2DC499C3 from hkp server keys.gnupg.net
gpg: /home/vagrant/.gnupg/trustdb.gpg: trustdb created
gpg: key 2DC499C3: public key "Neo Technology Admins <admins@neotechnology.com>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
bash$然后,将其导入RPM的密钥数据库后,yum将安装neo4j:
bash$ gpg --export -a 2dc499c3 > ~/tmp/neo4j.asc
bash$ sudo rpm --import ~/tmp/neo4j.asc
bash$ sudo yum install -y neo4j..。
Complete!
bash$这把钥匙现在是权威的了吗?
bash$ rpm -qi `rpm -qa gpg-pubkey* | grep 2dc499c3`
Name : gpg-pubkey Relocations: (not relocatable)
Version : 2dc499c3 Vendor: (none)
Release : 508bf4b0 Build Date: Wed 19 Nov 2014 08:19:42 PM UTC
Install Date: Wed 19 Nov 2014 08:19:42 PM UTC Build Host: localhost
Group : Public Keys Source RPM: (none)
Size : 0 License: pubkey
Signature : (none)
Summary : gpg(Neo Technology Admins <admins@neotechnology.com>)
Description :
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: rpm-4.8.0 (NSS-3)
mQENBFCL9LABCACkBWFOHoSZ+xaIjh8FprxFhHW+StN++1mySKLGd4GoQqZLZsfB
h4MyoZDx/BUY4T+uO2w+YBfSS+CijLjXnaaPN4D1C0+YDEIWhn0Nq7CV42NcXg6m
oUYz+qe+0tTYuuCxIMnb9qdGsK7/WySgUBPgcTo40QrRzj1WYAL8xznjyF6IVJot
pH7tk9hqKTM6bDYxd969wpE7NvPUWOsl4a+JMEY+ErM19y9j7W+bwf36mtcs5cyO
DyIFw/4WVdBZouYBYe2OEO8Ak4SY4XCb/cFWquy3wLM8BfZB9Uj1BHjMacVkmCNx
Dadc+jraQZItRenQzyk0zauA79BAJ24onYjvABEBAAG0ME5lbyBUZWNobm9sb2d5
IEFkbWlucyA8YWRtaW5zQG5lb3RlY2hub2xvZ3kuY29tPokBPgQTAQIAKAUCUIv0
sAIbAwUJA8JnAAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQtzpfli3EmcOq
PAf9ElDmc/HJ3hRQwA4IEpNF+IjRktkLjSUQMdaqprA4UGKQwNjuq/GSl4/XXm8V
8m0tTtQpzzzn9cYGF41TNPdx2V2cG9UHd62BqUYm60Qc1GdIos2Dpwd3gJaSktYH
mLa8eiYwDffOuQMy5peKu0vB4xsgy+OBz4vk6fAUBsVCVuQZrQWQ9Hm9AMqMYPuG
n3J2E4XfpN7KoAfylRelqvnhdhYL/fhqW0/fiNFHPmu/Z+ksWgaAHrxK9h8Fr0aG
gAwsQxupyNLNjxUSGWg1cV7afF/xmTvFQi8XjxIy6daAOoLahI1utOP6Zo7cvhdU
5q5wtSo5HT7CGm/Ym2dP/kROtw==
=2b2E
-----END PGP PUBLIC KEY BLOCK-----
bash$如果没有,那么我们在哪里可以得到新4j-2.1.5-1.noarch.rpm所用的键2dc499c3?
回答 1
Stack Overflow用户
回答已采纳
发布于 2014-11-20 01:53:40
谢谢你让我们注意到这一点。我用说明中引用的键重新签名了所有的RPM(旧的一个过期了,破坏了所有Debian包),并在Amazon机器上通过yum install neo4j测试了安装。效果还不错。
请注意,我们的Yum/RPM支持仍然是实验性的。我们可能很快就会用一个成熟的密钥签署那些RPM,甚至重建整个回购。我们也欢迎反馈意见,我们可以如何改善我们的经验,在RPM平台-谢谢!
朱利安。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/27026334
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号