.\" Automatically generated by Pandoc 3.1.11.1
.\"
.TH "RPMKEYS" "8" "29 October 2010" "" ""
.SH NAME
rpmkeys \- RPM Keyring
.SH SYNOPSIS
\f[B]rpmkeys\f[R]
{\f[B]\-\-list|\-\-import|\-\-delete|\-\-checksig\f[R]}
.SH DESCRIPTION
The general forms of \f[B]rpm\f[R](8) digital signature commands are
.PP
\f[B]rpmkeys\f[R] \f[B]\-\-list\f[R] [\f[I]KEYHASH ...\f[R]]
.PP
\f[B]rpmkeys\f[R] \f[B]\-\-import\f[R] \f[I]PUBKEY ...\f[R]
.PP
\f[B]rpmkeys\f[R] \f[B]\-\-delete\f[R] \f[I]KEYHASH ...\f[R]
.PP
\f[B]rpmkeys\f[R] {\f[B]\-K|\-\-checksig\f[R]} \f[I]PACKAGE_FILE
\&...\f[R]
.PP
The \f[B]\-\-checksig\f[R] option checks all the digests and signatures
contained in \f[I]PACKAGE_FILE\f[R] to ensure the integrity and origin
of the package.
Note that signatures are now verified whenever a package is read, and
\f[B]\-\-checksig\f[R] is useful to verify all of the digests and
signatures associated with a package.
.PP
Digital signatures cannot be verified without a public key.
An ASCII armored public key can be added to the \f[B]rpm\f[R] database
using \f[B]\-\-import\f[R].
An imported public key is carried in a header, and key ring management
is performed exactly like package management.
For example, all currently imported public keys can be displayed by:
.PP
\f[B]rpm \-q gpg\-pubkey\f[R]
.PP
A more convenient way to display them is
.PP
\f[B]rpmkeys\f[R] \f[B]\-\-list\f[R]
.PP
More details about a specific public key, when imported, can be
displayed by querying.
Here\[aq]s information about the Red Hat GPG/DSA key:
.PP
\f[B]rpm \-qi gpg\-pubkey\-db42a60e\f[R]
.PP
Finally, public keys can be erased after importing just like packages.
Here\[aq]s how to remove the Red Hat GPG/DSA key:
.PP
\f[B]rpmkeys\f[R] \f[B]\-\-delete db42a60e\f[R]
.PP
Or alternatively:
.PP
\f[B]rpm \-e gpg\-pubkey\-db42a60e\f[R]
.SH SEE ALSO
\f[B]popt\f[R](3), \f[B]rpm\f[R](8), \f[B]rpmdb\f[R](8),
\f[B]rpmsign\f[R](8), \f[B]rpm2cpio\f[R](8), \f[B]rpmbuild\f[R](8),
\f[B]rpmspec\f[R](8)
.PP
\f[B]rpmkeys \-\-help\f[R] \- as rpm supports customizing the options
via popt aliases it\[aq]s impossible to guarantee that what\[aq]s
described in the manual matches what\[aq]s available.
.PP
\f[B]http://www.rpm.org/ <URL:http://www.rpm.org/>\f[R]
.SH AUTHORS
.IP
.EX
Marc Ewing <marc\[at]redhat.com>
Jeff Johnson <jbj\[at]redhat.com>
Erik Troan <ewt\[at]redhat.com>
Panu Matilainen <pmatilai\[at]redhat.com>
.EE