How do i manually verify rpm packages on redhat linux?

  • Man page for rpmkeys

          The  --checksig  option checks all the digests and signatures contained
           in PACKAGE_FILE to ensure the integrity and origin of the package. Note
           that  signatures  are  now  verified  whenever  a  package is read, and
           --checksig is useful to verify all of the digests and signatures  asso‐
           ciated with a package.
    $ rpmkeys --checksig hspell-1.2-6.el7.i686.rpm 
    hspell-1.2-6.el7.i686.rpm: rsa sha1 (md5) pgp md5 OK

Log in to reply

© Lightnetics 2019