On Mon, Oct 08, 2007 at 08:34:36AM -0400, darko g wrote: > On 10/8/07, Marcus Meissner <[EMAIL PROTECTED]> wrote: > > > > > How do I safely use the gnupg key system for repositories? Is accepting > > > these keys when adding repositories with yast the preferred way? And if > > > so how can I tell these are the correct keys? > > > > SUSE repos - no import dialog should appear, the keys are preconfigured. > > > > other repos - the id and the fingerprint is shown and you should review > > them (and can fetch the key in another shell and use GPG to check it). > > > > > What about rootkits? How do I protect my system for rootkits when > > > downloading rpm's from sites such as rpmbone? > > > > Hello, where does Yast keep the keys?
In the RPM database. rpm -qa|grep gpg-pubkey You can remove them with "rpm -e" for instance. There is no GUI for it yet. Ciao, Marcus -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
