Signing Packages - Red Hat NETWORK SATELLITE 5.1.0 - CHANNEL MANAGEMENT Manual

Tip
Like your account passwords, a good passphrase is essential for optimal security
in GnuPG. Mix your passphrase with uppercase and lowercase letters, use
numbers, and/or include punctuation marks.
Once you enter and verify your passphrase, your keys are generated. A message similar to the
following appears:
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the disks)
during the prime generation; this gives the random number generator a better
chance to gain enough entropy.
+++++.+++++.++++++++....++++++++++..+++++.+++++.+++++++.+++++++
+++.++++++++++++++++++++++++++++++++++++++..........................++++
When the activity on the screen ceases, your new keys are placed in the directory
root's home directory. This location is because you are ran the command as root. To list your
root keys, use the command:
gpg --list-keys
The output is similar to the following:
/root/.gnupg/pubring.gpg ----------------------------------------- pub
1024D/B7085C8A 2002-02-18 Your Name<you@example.com> sub 1024g/E12AF9C4
2002-02-18
To retrieve your public key, use the following command:
gpg --export -a 'Your Name' > public_key.txt
Your public key is written to the file
This public key is quite important. It's the key that must be deployed to all client systems that
receive custom software through
organization are covered in the Red Hat Network Client Configuration Guide.

2.2. Signing packages

Before you can sign packages, you need to configure your
following:
%_signature gpg %_gpg_name B7085C8A
.
public_key.txt
. Techniques for deploying this key across an
up2date
Signing packages
file to include the
~/.rpmmacros
in
.gnupg
11