Provided by: rpm_4.19.1.1+dfsg-1_amd64 bug

NAME

       rpmkeys - RPM Keyring

SYNOPSIS

       rpmkeys {--import|--checksig}

DESCRIPTION

       The general forms of rpm digital signature commands are

       rpmkeys --import PUBKEY ...

       rpmkeys {-K|--checksig} PACKAGE_FILE ...

       The  --checksig  option checks all the digests and signatures contained in PACKAGE_FILE to
       ensure the integrity and origin of the package.  Note that  signatures  are  now  verified
       whenever  a  package  is  read,  and --checksig is useful to verify all of the digests and
       signatures associated with a package.

       Digital signatures cannot be verified without a public key.  An ASCII armored  public  key
       can  be  added to the rpm database using --import.  An imported public key is carried in a
       header, and key ring  management  is  performed  exactly  like  package  management.   For
       example, all currently imported public keys can be displayed by:

       rpm -qa gpg-pubkey*

       Details  about a specific public key, when imported, can be displayed by querying.  Here's
       information about the Red Hat GPG/DSA key:

       rpm -qi gpg-pubkey-db42a60e

       Finally, public keys can be erased after importing just  like  packages.   Here's  how  to
       remove the Red Hat GPG/DSA key

       rpm -e gpg-pubkey-db42a60e

SEE ALSO

       popt(3), rpm(8), rpmdb(8), rpmsign(8), rpm2cpio(8), rpmbuild(8), rpmspec(8)

       rpmkeys  --help - as rpm supports customizing the options via popt aliases it's impossible
       to guarantee that what's described in the manual matches what's available.

       http://www.rpm.org/ <URL:http://www.rpm.org/>

AUTHORS

              Marc Ewing <marc@redhat.com>
              Jeff Johnson <jbj@redhat.com>
              Erik Troan <ewt@redhat.com>
              Panu Matilainen <pmatilai@redhat.com>

                                         29 October 2010                               RPMKEYS(8)