RPMSIGN - Online Linux Manual PageSection : 8
Updated : Red Hat, Inc

NAMErpmsign − RPM Package Signing

SYNOPSIS

SIGNING PACKAGES:rpm --addsign|--resign [rpmsign-options] PACKAGE_FILE ... rpm --delsign PACKAGE_FILE ...

rpmsign-options[\fb--rpmv3\fR] [\fb--fskpath \fIKEY\fb\fR] [\fB--signfiles\fR]

DESCRIPTIONBoth of the --addsign and --resign options generate and insert new signatures for each package PACKAGE_FILE given, replacing any existing signatures. There are two options for historical reasons, there is no difference in behavior currently. To create a signature rpm needs to verify the package's checksum. As a result packages with a MD5/SHA1 checksums cannot be signed in FIPS mode. rpm --delsign PACKAGE_FILE ... Delete all signatures from each package PACKAGE_FILE given.

SIGN OPTIONS--rpmv3  Force RPM V3 header+payload signature addition. These are expensive and redundant baggage on packages where a separate payload digest exists (packages built with rpm >= 4.14). Rpm will automatically detect the need for V3 signatures, but this option can be used to force their creation if the packages must be fully signature verifiable with rpm < 4.14 or other interoperability reasons. --fskpath KEY  Used with --signfiles, use file signing key Key. --signfiles  Sign package files. The macro %_binary_filedigest_algorithm must be set to a supported algorithm before building the package. The supported algorithms are SHA1, SHA256, SHA384, and SHA512, which are represented as 2, 8, 9, and 10 respectively. The file signing key (RSA private key) must be set before signing the package, it can be configured on the command line with --fskpath or the macro %_file_signing_key.

USING GPG TO SIGN PACKAGESIn order to sign packages using GPG, rpm must be configured to run GPG and be able to find a key ring with the appropriate keys. By default, rpm uses the same conventions as GPG to find key rings, namely the $GNUPGHOME environment variable. If your key rings are not located where GPG expects them to be, you will need to configure the macro %_gpg_path to be the location of the GPG key rings to use. If you want to be able to sign packages you create yourself, you also need to create your own public and secret key pair (see the GPG manual). You will also need to configure the rpm macros %_gpg_name  The name of the "user" whose key you wish to use to sign your packages. For example, to be able to use GPG to sign packages as the user "John Doe <jdoe@foo.com>" from the key rings located in /etc/rpm/.gpg using the executable /usr/bin/gpg you would include %_gpg_path /etc/rpm/.gpg %_gpg_name John Doe <jdoe@foo.com> %__gpg /usr/bin/gpgin a macro configuration file. Use /etc/rpm/macros for per-system configuration and ~/.rpmmacros for per-user configuration. Typically it's sufficient to set just %_gpg_name.

SEE ALSOpopt(3), rpm(8), rpmdb(8), rpmkeys(8), rpm2cpio(8), rpmbuild(8), rpmspec(8),rpmsign --help - as rpm supports customizing the options via popt aliases it's impossible to guarantee that what's described in the manual matches what's available. http://www.rpm.org/ <URL:http://www.rpm.org/>

AUTHORSMarc Ewing <marc@redhat.com> Jeff Johnson <jbj@redhat.com> Erik Troan <ewt@redhat.com> Panu Matilainen <pmatilai@redhat.com> Fionnuala Gunter <fin@linux.vnet.ibm.com>
0
Johanes Gumabo
Data Size   :   13,336 byte
man-rpmsign.8Build   :   2024-12-05, 20:55   :  
Visitor Screen   :   x
Visitor Counter ( page / site )   :   2 / 197,938
Visitor ID   :     :  
Visitor IP   :   18.117.184.236   :  
Visitor Provider   :   AMAZON-02   :  
Provider Position ( lat x lon )   :   39.962500 x -83.006100   :   x
Provider Accuracy Radius ( km )   :   1000   :  
Provider City   :   Columbus   :  
Provider Province   :   Ohio ,   :   ,
Provider Country   :   United States   :  
Provider Continent   :   North America   :  
Visitor Recorder   :   Version   :  
Visitor Recorder   :   Library   :  
Online Linux Manual Page   :   Version   :   Online Linux Manual Page - Fedora.40 - march=x86-64 - mtune=generic - 24.12.05
Online Linux Manual Page   :   Library   :   lib_c - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Online Linux Manual Page   :   Library   :   lib_m - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Data Base   :   Version   :   Online Linux Manual Page Database - 24.04.13 - march=x86-64 - mtune=generic - fedora-38
Data Base   :   Library   :   lib_c - 23.02.07 - march=x86-64 - mtune=generic - fedora.36

Very long time ago, I have the best tutor, Wenzel Svojanovsky . If someone knows the email address of Wenzel Svojanovsky , please send an email to johanes_gumabo@yahoo.co.id .
If error, please print screen and send to johanes_gumabo@yahoo.co.id
Under development. Support me via PayPal.

ERROR : Need New Coding :         (rof_escape_sequence|91|rpmsign.8|14|\fb--rpmv3\fR] |[\fb--rpmv3\fR] )         (rof_escape_sequence|91|rpmsign.8|15|\fb--fskpath \fIKEY\fb\fR] [\fB--signfiles\fR] |[\fb--fskpath \fIKEY\fb\fR] [\fB--signfiles\fR] )