Hi-

If hypothetically I deleted my gpg keys and am not getting updates is there anything I can do to get updates? Almost all software installed is from the repositories where openSuse employees works (official repositories). I have a few packages from openbuild but not too many.

I am trying to read up on security now and see how the keys work so I don't run into this again. It happened during my paranoid attack when I realized I installed packages from the non official repositories and became nervous about having done so.

There are so many virus and malicious software threats now it is making me nervous (especially for XP) and I feel the need to do a little more reading.

thanks - jim

Hi-

I think I will do a reinstall if I don't hear back from anyone soon. I will try harder to stick to the main official repositories and trusted sites. It isn't like XP where I have 5 yrs. worth of stuff on my drive.

openSuse replaced XP as my favorite operating system. I am studying a book now on linux commands, editors, and shell programming. I obviously don't know anything about security yet.

I don't know what possessed me to do something like this. Once in a while I do something really off the wall. I guess I was due.

Thanks,
mtdew3q

hi-

I think I just lost my hope of recovering. I tried this command below on pubring.gpg and all was well.

Then I thought it would be ok to try it on trustdb.gpg and you can see from the output below all is not well.

linux-hbg4:/home/zz1 # gpg --no-default-keyring --keyring /usr/lib/rpm/gnupg/trustdb.gpg --verbose --list-keys
gpg: keyring `/usr/lib/rpm/gnupg/trustdb.gpg' created
gpg: using PGP trust model

I think I could have restored my public keys from pubring.gpg. I am not sure what trustdb.gpg would have done and what role that would have played.

but now trustdb.gpg is 0 bytes.

I am very upset at myself for missing this opportunity to not reinstall my system.
I almost figured out a way to get back up and running but now I don't think I need to read further. Please advise if I was on the right track as I'd be interested to know for future reference. I will think about reinstalling tomorrow night.

Thanks,
mtdew3q

hi-

I quit this project of trying to restore my keys.
I tried a command like the one below this paragraph and I was able to import old keys back into yast (at least that is what it led me to believe). I closed out of yast and after refreshing repositories all the keys I added back in were not listed. Either the repository isn't in sync or something else went wrong.
gpg --output key4.gpg --export opensuse@opensuse.org
(and then browse for exported key and add into yast)

Now I know that public keys are listed in yast in repositories and you can list them in the pubring.pgp files and even export them and then import them again if you need to. Due to more than one location for pubring.gpg and the out of sync problem I am abandoning this effort. I also might add when you go to import in yast it goes by the email. If you have 2 emails that are the same with the key, it won't let you import. When I export from pubring.gpg there is a numeric identifier I can use to differentiate between the ones with the same email address but then when I go to import the separate key files to yast it doesnt go. I am still uncertain how the system knew to let me export when I didnt name the file I was exporting from. There has to be a default location where it exports from.

I will have to read up on what to do with an expired key or this key never expires type scenarios. I read where upon adding a repository it is suppose to ask if you want to add a key and after that you shouldnt keep getting a message do you want to add another key. I'd imagine if the key was expired and they were going to give you a new key that would be ok.

I will be more careful after I reinstall with keys. No more deleting unless I have a really good reason to and no more adding repositories that aren't official until I learn a little more about how this works.

I am determined to learn a little more on the basics of keys so I won't run into something like this again.

thanks,
mtdew3q

hi-

i did a quick reinstall of the os and configured haxe, neko, abyss webserver, and aswing tools. it took 3 hours.

i read about keys, hashcodes, checksums, and verifying packages with rpm command. i have all official repositories and I will leave the keys alone for a while.

sorry :-(
thanks,
jim