On Tue, Aug 30, 2016 at 05:56:43 -0400, Jeffrey Johnson wrote: > The 2 line snippet is DNS to port 53 ??? disabling hkp:// is an entirely > different > functionality than disabling signature verification.
I didn't want to disable it (on contrary, I need them to be unconditional), just to make them local. >> ~: rpm -qp --nosignature keepassx-2.0.2-2.x86_64.rpm (reversed >> meaning in query mode bug) >> error: keepassx-2.0.2-2.x86_64.rpm: Header V4 DSA signature: BAD, key ID >> e4f1bc2d >> error: reading keepassx-2.0.2-2.x86_64.rpm manifest, non-printable >> characters found >> > > Um, I believe I???ve used that pubkey ??? see if there isn???t a report from > spring 2015 on pld-devel ??? the issue was that the RSA fingerprint was > fixed and so that pubkey had to be reimported. I???ve forgotten ??? > > What version of rpm is this? rpm-5.4.15-35.x86_64 - this is completely fresh system, commands run for the first time, so no keys imported before, no leftovers. >> ~: diff PLD-3.0-Th-GPG-key.asc /etc/pki/rpm-gpg/PLD-3.0-Th-GPG-key.asc > > Try removing and reimporting. Doesn't work until I manually split this into RSA and DSA. >> (BTW this key is not automatically imported to rpm database). > > No pubkey is automatically imported by RPM, particularly those retrieved from > hkp:// > or externally generated signatures. It would be nice to have some tool to import from hkp:// directly. I did lynx/wget/vi magic to fetch them, how to do this straight from cmdline? > Anyways if you give me a URL to the pubkey and a package signed with that > pubkey, I???ll > (again) sort out the details. I'm using ftp://ftp.th.pld-linux.org/dists/th/PLD-3.0-Th-GPG-key.asc ftp://ftp.th.pld-linux.org/dists/th/PLD/x86_64/RPMS/keepassx-2.0.2-2.x86_64.rpm -- Tomasz Pala <[email protected]> _______________________________________________ pld-devel-en mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
