On Tue, 2004-04-20 at 05:42, Jay Daniels wrote: > A simple script to import keys. > > Is there any way to use rpm to check if the key is already imported? If the key is already imported nothing happens. > Perhaps an IF statement by checking the key id with gpg, 0x1CDDBCA9 or > some way to validate the key matches the certain key id's. > > Importing from a keyserver may be more secure than importing from > a URL? > rpm -qa|grep pub gpg-pubkey-4f2a6fd2-3f9d9d3b gpg-pubkey-db42a60e-37ea5438 gpg-pubkey-30c9ecf8-3f9da3f7 gpg-pubkey-1cddbca9-3f9da14c gpg-pubkey-897da07a-3c979a7f gpg-pubkey-e418e3aa-3f439953 gpg-pubkey-db42a60e-37ea5438 gpg-pubkey-db42a60e-37ea5438 gpg-pubkey-30c9ecf8-3f9da3f7 gpg-pubkey-4f2a6fd2-3f9d9d3b gpg-pubkey-897da07a-3c979a7f gpg-pubkey-e418e3aa-3f439953 gpg-pubkey-1cddbca9-3f9da14c gpg-pubkey-e42d547b-3960bdf1 > Since the file checksum is checked anyway, is gpg even neccessary Yes, with all the tampering that can happen gpg can be the best way to stop people from infecting rpm's with trojans and malware. -- Best Regards, Keith NW Oregon Radio http://kilowatt-radio.org/ Pax melior est quam iustissimum bellum.
