It’s Safer Internet Day today. #giveasmile
Part of being safe on the Internet is making sure you know what you are downloading.. so let’s make sure that you’re downloading those Wireshark repositories using what I published, and not what someone else might have exchanged the files with the meantime.
We’ll create some GPG keys to support them, using information from Linuxsysconfig, below the fold.
So here goes, firstly create a key, and export the public block, importing it into the RPM tool
gpg --gen-key gpg --export -a publisher > RPM-GPG-KEY-publisher@1310nm.net sudo cp RPM-GPG-KEY-publisher@1310nm.net /etc/pki/rpm-gpg/ sudo rpm --import RPM-GPG-KEY-publisher@1310nm.net
Now configure RPM so that it can find the keys, and then re-sign the created RPMs, and update the repository information.
echo "%_signature gpg" > ~/.rpmmacros echo "%_gpg_name publisher" >> ~/.rpmmacros cd wireshark-2.2.4/packaging/rpm/RPMS/x86_64 rpm --resign *.rpm createrepo --update .
And then enable the gpgcheck
and gpgkey
options in the repository file information. This is now updated in Building a Wireshark for CentOS 7, so everything should be using the published key versions now.