拿到一个发行版软件包后,通常要对软件包进行非对称加密验证(MD5)
首先查看公钥是否正常安装:
rpm -qa | grep gpg-pubkey 或者 rpm -qa gpg-pubkey
如果未正常安装,可先手动进行安装
sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
或者使用安装介质的源,如:rpm --import /media/Rhel6.4/RPM-GPG-KEY-redhat-release
如果安装中提示错误:
[kevin@PandoraX Rhel6.4]$ rpm --import /media/Rhel6.4/RPM-GPG-KEY-redhat-release
error: cannot get exclusive lock on /var/lib/rpm/Packages
error: cannot open Packages index using db3 - Operation not permitted (1)
error: cannot open Packages database in /var/lib/rpm
error: /media/Rhel6.4/RPM-GPG-KEY-redhat-release: key 1 import failed.
error: cannot get exclusive lock on /var/lib/rpm/Packages
error: cannot open Packages database in /var/lib/rpm
error: /media/Rhel6.4/RPM-GPG-KEY-redhat-release: key 2 import failed.
很可能是由于权限问题造成,更新key需要root身份或者sudo身份进行操作
安装完成后可正常进行验证:
rpm -K vsftpd-2.2.2-11.el6.x86_64.rpm
vsftpd-2.2.2-11.el6.x86_64.rpm: rsa sha1 (md5) pgp md5 OK
验证通过
查看公钥信息rpm -qi gpg-pubkey-2fa658e0-45700c69
查看详细验证信息rpm -vK vsftpd-2.2.2-11.el6.x86_64.rpm
rpm -vvK vsftpd-2.2.2-11.el6.x86_64.rpm
yum源中的gpg校验
[base]
name=Red Hat Enterprise
Linux baseurl=file:///media/Rhel6.4/Server
enabled=1
gpgcheck=0 (0代表不进行校验,1为每次都进行校验)
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release