Sign The Yum Repository
Last time we have talked about how to create a YUM repository.
openSUSE – Create your own Software Repository @ 1
If u follow the above article to create a YUM repository, it should works fine. but u will be prompted whether to accept this unsigned repository. just press YES and everything will go on without any problem.
So if u don’t want to be asked everytime when u manage the packages, sign the Yum repository.
The following steps guide you how to sign the YUM repository
1. Go to the repository folder
2. Generate the key (Inputs are shown in the red squares of the picture below)
- gpg -q –gen-key
3. Try to open the a browser if it stops at (The blue square of the above picture)
- We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
4. List the keys
- gpg –list-key
5. Make a detached signature (repomd.xml.asc) to repomd.xml
- gpg -a –detach-sign repomd.xml
6. Export the public key to repomd.xml.key
- gpg -a –export <public_key> > repomd.xml.key