In this lab I create a gpg key for signing the rpm packages I built in the previous lab. Once again, the packages I will be working with are grep and jwhois.
First of all, I installed these packages:
I created the certificates by running “gpg –gen-key” and answering a few questions like what kind of key I want, size of key, passphrase. Then, I opened the ~/.rpmmacro file and added the following line: %_gpg_name “email@example.com” After that, I was able to sign my rpms from previous labs with the following command:
rpm --addsign packagefile
Overall, I’d say that signing packages is a painless experience when using the tools described in this post.
Links to my signed rpm files and ASCII key: