GPG Keys are public encryption keys that will be used to verify the authenticity and intactness of the rpms. It helps make the rpms tamper resistant.
What you need to do is to import the key(s) for each repository you plan to use. The fedora keys are probably already available on your hard drive for importation, but I will show you how to import two from repositories as examples.
If you donít already know where the keys are located, you can just poke around the repository and find them. For example, if you go to freshrpms and poke around a little, you will find:
If you poke around FC3, you will find:
Importing them from the terminal with root privileges is really simple:
rpm --import http://freshrpms.net/RPM-GPG-KEY-freshrpms
rpm --import http://download.fedora.redhat.com/pu...GPG-KEY-fedora
For FC3, you should be able to find the RedHat keys on the hard drive:
rpm --import /usr/share/doc/fedora-release-3/RPM-GPG-KEY*
which imports 6 keys.
Not using the GPG keys to authenticate the packages makes about as much sense as not using login passwords in linux.