NAME

       rpmkeys - RPM Keyring

SYNOPSIS

       rpmkeys {--import|--checksig}

DESCRIPTION

       The general forms of rpm digital signature commands are

       rpmkeys --import PUBKEY ...

       rpmkeys {-K|--checksig} PACKAGE_FILE ...

       The  --checksig  option checks all the digests and signatures contained in PACKAGE_FILE to ensure the in‐
       tegrity and origin of the package.  Note that signatures are now verified whenever a package is read, and
       --checksig is useful to verify all of the digests and signatures associated with a package.

       Digital signatures cannot be verified without a public key.  An ASCII armored public key can be added  to
       the  rpm database using --import.  An imported public key is carried in a header, and key ring management
       is performed exactly like package management.  For example, all currently imported  public  keys  can  be
       displayed by:

       rpm -qa gpg-pubkey*

       Details  about  a  specific  public key, when imported, can be displayed by querying.  Here's information
       about the Red Hat GPG/DSA key:

       rpm -qi gpg-pubkey-db42a60e

       Finally, public keys can be erased after importing just like packages.  Here's how to remove the Red  Hat
       GPG/DSA key

       rpm -e gpg-pubkey-db42a60e

SEE ALSO

       popt(3), rpm(8), rpmdb(8), rpmsign(8), rpm2cpio(8), rpmbuild(8), rpmspec(8)

       rpmkeys  --help  -  as rpm supports customizing the options via popt aliases it's impossible to guarantee
       that what's described in the manual matches what's available.

       http://www.rpm.org/ <URL:http://www.rpm.org/>

AUTHORS

              Marc Ewing <marc@redhat.com>
              Jeff Johnson <jbj@redhat.com>
              Erik Troan <ewt@redhat.com>
              Panu Matilainen <pmatilai@redhat.com>

                                                 29 October 2010                                      RPMKEYS(8)