在yum安装软件的时候有时候会报warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID*****.
【问题原因】
签名的作用就是为了验证包的完整性和可靠性。
In fact, all recently-produced package files will have these verification measures built in automatically. Older package files had only a PGP-based signature; if that was missing, there was nothing left to verify.
新的包在编译的时候都会自动添加验证信息。而旧包里面没有
【解决方法】
Digital signatures cannot be verified without a public key. An ASCII armored public key can be added to the rpm database using
rpm --import PUBKEY ...
rpm {--checksig} [--nosignature] [--nodigest]
PACKAGE_FILE ...
The --checksig option checks all the digests and signatures contained in PACKAGE_FILE to ensure the integrity and origin of the pack-
age. Note that signatures are now verified whenever a package is read, and --checksig is useful to verify all of the digests and sig-
natures associated with a package.
Digital signatures cannot be verified without a public key. An ASCII armored public key can be added to the rpm database using
--import. An imported public key is carried in a header, and key ring management is performed exactly like package management. For
example, all currently imported public keys can be displayed by:
rpm -qa gpg-pubkey*
Details about a specific public key, when imported, can be displayed by querying. Here鈥檚 information about the Red Hat GPG/DSA key:
rpm -qi gpg-pubkey-db42a60e
Finally, public keys can be erased after importing just like packages. Here鈥檚 how to remove the Red Hat GPG/DSA key
rpm -e gpg-pubkey-db42a60e
rpm --import /etc/pki/rpm-gpg/RPM*
【参考引用】
http://pandarabbit.blog.163.com/blog/static/209284144201241810300804/
http://www.rpm.org/max-rpm/s1-rpm-checksig-using-rpm-k.html