Skip to content

Commit

Permalink
Fixes + cleanups to rpmkeys manual
Browse files Browse the repository at this point in the history
Drop all references to pre-historical Red Hat keys, short key-ids
and gpg-pubkey packages. Use the term fingerprint consistently everywhere.
Add a brief explanation of the --list format and usage example for
--export too.
  • Loading branch information
pmatilai committed Nov 7, 2024
1 parent 117e6b5 commit 28b336d
Showing 1 changed file with 14 additions and 18 deletions.
32 changes: 14 additions & 18 deletions docs/man/rpmkeys.8.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,13 +19,13 @@ DESCRIPTION

The general forms of rpm digital signature commands are

**rpmkeys** **\--list** \[*KEYFINGERPRINT \...*\]
**rpmkeys** **\--list** \[*FINGERPRINT \...*\]

**rpmkeys** **\--export** \[*KEYFINGERPRINT \...*\]
**rpmkeys** **\--export** \[*FINGERPRINT \...*\]

**rpmkeys** **\--import** *PUBKEY \...*

**rpmkeys** **\--delete** *KEYHASH \...*
**rpmkeys** **\--delete** \[*FINGERPRINT \...*

**rpmkeys** {**-K\|\--checksig**} *PACKAGE\_FILE \...*

Expand All @@ -41,29 +41,25 @@ armored public key can be added to the **rpm** database using
ring management is performed exactly like package management. For
example, all currently imported public keys can be displayed by:

**rpm -q gpg-pubkey**

A more convenient way to display them is

**rpmkeys** **\--list**

More details about a specific public key, when imported, can be displayed by
querying. Here\'s information about the Red Hat GPG/DSA key:

**rpm -qi gpg-pubkey-db42a60e**
This lists all currently imported public keys (aka certificates)
by their fingerprint and User ID. The fingerprint is the handle
used for all other operations on the keys.

Finally, public keys can be erased after importing just like packages.
Here\'s how to remove the Red Hat GPG/DSA key:
**rpmkeys** **\--export** \[*FINGERPRINT \...*\]

**rpmkeys** **\--export**
Write the key(s) in an armor wrapped text format to standard out.
This can be used to inspect the data with specialized tools, such
as Sequoia or GnuPG, for example:

Write the keys in an armor wrapped text format to standard out.
**rpmkeys --export 771b18d3d7baa28734333c424344591e1964c5fc | sq inspect **

**rpmkeys** **\--delete db42a60e**
**rpmkeys** **\--delete** *FINGERPRINT \...*

Or alternatively:
Delete the keys in *FINGERPRINT*. For example:

**rpm -e gpg-pubkey-db42a60e**
**rpmkeys** **\--delete 771b18d3d7baa28734333c424344591e1964c5fc**

SEE ALSO
========
Expand Down

0 comments on commit 28b336d

Please sign in to comment.