LinuxQuestions.org - significance of rpms w/ bad signatures?

- Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)

- - significance of rpms w/ bad signatures? (https://www.linuxquestions.org/questions/linux-software-2/significance-of-rpms-w-bad-signatures-203536/)

webazoid

07-10-2004 06:31 PM

significance of rpms w/ bad signatures?

i often download rpm's from sourceforget that have bad signatures. what does that mean and does anyone know why they're bad?

/bin/bash

07-18-2004 07:24 AM

Whoever made the rpm did not add the sig. If they have a public key you can import it with:
rpm --import PUBLICKEY

The sig is how you ensure the package has not been fiddled with since it was placed on the ftp server. I think if you get a package from sourceforge you can feel safe installing it.

All times are GMT -5. The time now is 07:21 AM.