Cloud computing tutorial learning course syllabus courseware: YUM signature checking mechanism:
====================================================================================
software redhat rpm tissue, for example when constructing the package rpm, using its private key (private key) of the signing rpm
When using its client rpm package, in order to verify its legitimacy, using public (public key) redhat signature check provided by
Method a: prior to import a public key
[root@tianyun ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 //redhat
[root@tianyun ~]# vim /etc/yum.repos.d/CentOS-Base.repo
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
# = baseurl http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
Method two: the location specified public key
[root@tianyun ~]# vim /etc/yum.repos.d/CentOS-Base.repo
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
# = baseurl http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Extra options:
--nogpgcheck // not check the signature package
====================================================================================