对linux软件包进行验证

拿到一个发行版软件包后，通常要对软件包进行非对称加密验证(MD5)

首先查看公钥是否正常安装:

rpm -qa | grep gpg-pubkey 或者 rpm -qa gpg-pubkey

如果未正常安装，可先手动进行安装

sudo  rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

或者使用安装介质的源，如:rpm --import /media/Rhel6.4/RPM-GPG-KEY-redhat-release 

如果安装中提示错误:

[kevin@PandoraX Rhel6.4]$ rpm --import /media/Rhel6.4/RPM-GPG-KEY-redhat-release
error: cannot get exclusive lock on /var/lib/rpm/Packages
error: cannot open Packages index using db3 - Operation not permitted (1)
error: cannot open Packages database in /var/lib/rpm
error: /media/Rhel6.4/RPM-GPG-KEY-redhat-release: key 1 import failed.
error: cannot get exclusive lock on /var/lib/rpm/Packages
error: cannot open Packages database in /var/lib/rpm
error: /media/Rhel6.4/RPM-GPG-KEY-redhat-release: key 2 import failed.

很可能是由于权限问题造成，更新key需要root身份或者sudo身份进行操作

 

安装完成后可正常进行验证:

rpm -K vsftpd-2.2.2-11.el6.x86_64.rpm
vsftpd-2.2.2-11.el6.x86_64.rpm: rsa sha1 (md5) pgp md5 OK

验证通过

查看公钥信息rpm -qi gpg-pubkey-2fa658e0-45700c69

查看详细验证信息rpm -vK vsftpd-2.2.2-11.el6.x86_64.rpm 

                      rpm -vvK vsftpd-2.2.2-11.el6.x86_64.rpm

yum源中的gpg校验

[base]
name=Red Hat Enterprise Linux
baseurl=file:///media/Rhel6.4/Server
enabled=1
gpgcheck=0 (0代表不进行校验，1为每次都进行校验)
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release