I am having difficulty getting rpm to trust the gpg key I have used to sign rpm packages I am creating.
I used gpg --gen-key to create the key. I chose RSA, 1024.
[rpmbuild@localhost etc]$ gpg --list-key
/home/rpmbuild/.gnupg/pubring.gpg
---------------------------------
pub 1024R/42A05359 2009-07-15
uid ******************** replaced ********
sub 1024R/37B2DA7E 2009-07-15
I signed the packages using --sign when building the rpm's using rpmbuild. Here is the output from rpm --checksig on one of my packages:
[rpmbuild@localhost x86_64]$ rpm --checksig Crypt-GeneratePassword-0.03-1.x86_64.rpm
Crypt-GeneratePassword-0.03-1.x86_64.rpm: RSA sha1 (MD5) (PGP) md5 NOT OK (MISSING KEYS: PGP#42a05359)
I believe that what I need to do is register my signature with rpm. I have tried the following:
gpg --output gpg_pub_key --export '<key_name>'
[rpmbuild@localhost .gnupg]$ rpm --import ./gpg_pub_key
error: ./gpg_pub_key: import read failed(-1).
My goal is to add these to a custom channel on our satellite server, so I guess I'll need to add the gpg signature.
Any idea's?