[packman] digests SIGNATURES NOT OK
Carlos E. R.
robin.listas at telefonica.net
Sun Dec 12 11:55:33 CET 2021
On 12/12/2021 11.04, Stefan Seyfried wrote:
> On 12.12.21 09:20, Marc Schiffbauer wrote:
>> Hi Giacomo,
>> we should really create a new gpg key for the repo.
>> @Stefan: What do you think?
> Another Stefan here, but still ;-)
> Changing the key should be advertised in advance, in prominent places.
> Really the best solution (if possible) would be if the new key could be
> signed by the old one and thus automatically accepted by zypper et al.
> I have no idea if this is even possible, nor how to implement it in OBS.
> A plain "osc signkey --create" will simply wipe the old one and create a
> new key, but that would cause a bad user experience :-(
I think you sign a key the same way you do for email.
You must have both keys in a ring, and use the pgp command to sign one
with the other. You need the private key of the old one to do this. And
then, you upload this change to the key servers to propagate.
gpg2 --edit-key somekey sign
Cheers / Saludos,
Carlos E. R.
(from 15.2 x86_64 at Telcontar)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 203 bytes
Desc: OpenPGP digital signature
More information about the Packman