Signing RPM packages

Keith Roberts keith at
Fri Mar 18 21:59:35 UTC 2011

On Fri, 18 Mar 2011, Tim Mooney wrote:


> You already have a public GPG key, you just need to publish/advertise it.
> Read the section of the GnuPG guide on exporting your public key, as
> well as the advise on disseminating it.  See
> The more people you can get to sign your public key (building the web of
> trust), the better.  Read up on key-signing parties.

Thanks Tim.

I've created a file with my public key in, and have resigned 
the packages I have already built. So I just need to check 
all this works by installing one of my built packages.

Kind Regards,

Keith Roberts


All email addresses are challenge-response protected with

More information about the Rpm-list mailing list