public keys

public inbox for [email protected]  
help / color / mirror / Atom feed

public keys
3+ messages / 2 participants
[nested] [flat]

* public keys
@ 2020-11-19 15:39  Josserand, Jesse F (NE) <[email protected]>
  0 siblings, 1 reply; 3+ messages in thread

From: Josserand, Jesse F (NE) @ 2020-11-19 15:39 UTC (permalink / raw)
  To: pgsql-pkg-yum

I'm trying to do a cold yum install of postgresql 12 rpm's, but do not want to use '--nogpgcheck' when doing so.
Where can I get the public keys?
:)
Jess
p.s. Thanks in advance!

[TekSynap - Technology Moving at the Speed of Thought]<https://www.teksynap.com/;
Jesse F. Josserand  |  Sr. Systems Architect/SysAdmin/DB Analyst
M: 601-590-0304  |  D: 228-469-2019  |  [email protected]<mailto:[email protected]>
www.TekSynap.com<https://www.teksynap.com/;  |  1760 Reston Parkway, Suite 515, Reston VA 20190
Assigned to GDIT Project, 294 Thames Avenue, Bay St. Louis, MS 39520
[email protected]<mailto:[email protected]>
[Connect with TekSynap on LinkedIn]<https://www.linkedin.com/company/teksynap/;
 |
[Save vCard]<https://www.teksynap.com/teksynap_signatures/Jesse_Josserand/?vcard=1;

^ permalink  raw  reply  [nested|flat] 3+ messages in thread

* Re: public keys
@ 2020-11-20 02:06  Craig Ringer <[email protected]>
  parent: Josserand, Jesse F (NE) <[email protected]>
  0 siblings, 1 reply; 3+ messages in thread

From: Craig Ringer @ 2020-11-20 02:06 UTC (permalink / raw)
  To: Josserand, Jesse F (NE) <[email protected]>; +Cc: pgsql-pkg-yum

On Fri, Nov 20, 2020 at 1:12 AM Josserand, Jesse F (NE) <
[email protected]> wrote:

> I’m trying to do a cold yum install of postgresql 12 rpm’s, but do not
> want to use '--nogpgcheck' when doing so.
>
> Where can I get the public keys?
>
> <https://www.teksynap.com/teksynap_signatures/Jesse_Josserand/?vcard=1;
>
>
>
>
>

I don't know what you mean by a "cold" install.

The keys are packaged in the repo-rpms.

$ rpm -ql pgdg-fedora-repo
/etc/pki/rpm-gpg
/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG
/etc/yum.repos.d/pgdg-fedora-all.repo

They're also available from the repository itself:

https://download.postgresql.org/pub/repos/yum/

The key you want is:

$ gpg --fingerprint 1F16D2E1442DF0F8
pub   dsa1024 2008-01-08 [SCA]
      68C9 E2B9 1A37 D136 FE74  D176 1F16 D2E1 442D F0F8
uid           [ unknown] PostgreSQL RPM Building Project <
[email protected]>
sub   elg2048 2008-01-08 [E]

It should probably be published prominently on yum.postgresql.org by key-id
and fingerprint, so it can be verified somewhat independently of the actual
download repos, but AFAICS (
https://www.google.com/search?q=site%3Ayum.postgresql.org+1F16D2E1442DF0F8
) it is not.

so consider filing an issue for that:

https://redmine.postgresql.org/projects/pgrpms/

I also note that nobody's signed the key to attest its validity on the
keyservers. That's not necessarily required for rpms, but might be a good
idea. When I get a chance to verify it with Devrim via a side channel I'll
sign it and push my signature.

^ permalink  raw  reply  [nested|flat] 3+ messages in thread

* RE: public keys
@ 2020-11-20 03:49  Josserand, Jesse F (NE) <[email protected]>
  parent: Craig Ringer <[email protected]>
  0 siblings, 0 replies; 3+ messages in thread

From: Josserand, Jesse F (NE) @ 2020-11-20 03:49 UTC (permalink / raw)
  To: Craig Ringer <[email protected]>; +Cc: pgsql-pkg-yum

Thank you!

[TekSynap - Technology Moving at the Speed of Thought]<https://www.teksynap.com/;
Jesse F. Josserand  |  Sr. Systems Architect/SysAdmin/DB Analyst
M: 601-590-0304  |  D: 228-469-2019  |  [email protected]<mailto:[email protected]>
www.TekSynap.com<https://www.teksynap.com/;  |  1760 Reston Parkway, Suite 515, Reston VA 20190
Assigned to GDIT Project, 294 Thames Avenue, Bay St. Louis, MS 39520
[email protected]<mailto:[email protected]>
[Connect with TekSynap on LinkedIn]<https://www.linkedin.com/company/teksynap/;
 |
[Save vCard]<https://www.teksynap.com/teksynap_signatures/Jesse_Josserand/?vcard=1;

From: Craig Ringer <[email protected]>
Sent: Thursday, November 19, 2020 8:06 PM
To: Josserand, Jesse F (NE) <[email protected]>
Cc: [email protected]
Subject: Re: public keys

 [External: Use caution with links & attachments]

On Fri, Nov 20, 2020 at 1:12 AM Josserand, Jesse F (NE) <[email protected]<mailto:[email protected]>> wrote:
I’m trying to do a cold yum install of postgresql 12 rpm’s, but do not want to use '--nogpgcheck' when doing so.
Where can I get the public keys?

I don't know what you mean by a "cold" install.

The keys are packaged in the repo-rpms.

$ rpm -ql pgdg-fedora-repo
/etc/pki/rpm-gpg
/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG
/etc/yum.repos.d/pgdg-fedora-all.repo

They're also available from the repository itself:

https://download.postgresql.org/pub/repos/yum/<https://urldefense.us/v2/url?u=https-3A__download....;

The key you want is:

$ gpg --fingerprint 1F16D2E1442DF0F8
pub   dsa1024 2008-01-08 [SCA]
      68C9 E2B9 1A37 D136 FE74  D176 1F16 D2E1 442D F0F8
uid           [ unknown] PostgreSQL RPM Building Project <[email protected]<mailto:[email protected]>>
sub   elg2048 2008-01-08 [E]
It should probably be published prominently on yum.postgresql.org<https://urldefense.us/v2/url?u=http-3A__yum.postgresql.org&d=DwMFaQ&c=kBZcWdBOH-UDm7cX7sUnio...; by key-id and fingerprint, so it can be verified somewhat independently of the actual download repos, but AFAICS ( https://www.google.com/search?q=site%3Ayum.postgresql.org+1F16D2E1442DF0F8<https://urldefense.us/...; ) it is not.

so consider filing an issue for that:

https://redmine.postgresql.org/projects/pgrpms/<https://urldefense.us/v2/url?u=https-3A__redmine....;

I also note that nobody's signed the key to attest its validity on the keyservers. That's not necessarily required for rpms, but might be a good idea. When I get a chance to verify it with Devrim via a side channel I'll sign it and push my signature.

^ permalink  raw  reply  [nested|flat] 3+ messages in thread

end of thread, other threads:[~2020-11-20 03:49 UTC | newest]

Thread overview: 3+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2020-11-19 15:39 public keys Josserand, Jesse F (NE) <[email protected]>
2020-11-20 02:06 ` Craig Ringer <[email protected]>
2020-11-20 03:49   ` Josserand, Jesse F (NE) <[email protected]>

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox