User Tools

Site Tools

key

Key

GPG Key Used By The ELRepo Project

View this page securely

The ELRepo Project uses a GPG key to sign all RPM packages that we release.
(Updated as of January 2025)

Each RPM package that is released by the ELRepo Project is signed with a GPG signature. By default, *yum* and rpm will verify these signatures and refuse to install any packages that are not signed or have bad signatures. You should always verify the signature of a package before you install it. These signatures ensure that the packages you install are genuine as released by the ELRepo Project and have not been altered (accidentally or maliciously) since their release.

The key is included in the elrepo-release package and you can find it within the /etc/pki/rpm-gpg/ directory. (File RPM-GPG-KEY-v2-elrepo.org)

The key may be downloaded from this website and is also available on a public key server (keys.openpgp.org).

Location: /etc/pki/rpm-gpg/RPM-GPG-KEY-v2-elrepo.org
Download from: elrepo.org
Fingerprint: B8A7 5587 4DA2 40C9 DAC4 E715 5160 0989 EAA3 1D4A

Users should verify the key by checking it's fingerprint matches the fingerprint listed here before installing it: 

$ gpg --list-keys --fingerprint 'elrepo.org (RPM Signing Key v2 for elrepo.org) <secure at elrepo.org>'
pub   4096R/EAA31D4A 2025-01-05
       Key fingerprint = B8A7 5587 4DA2 40C9 DAC4  E715 5160 0989 EAA3 1D4A
uid                  elrepo.org (RPM Signing Key v2 for elrepo.org) <secure at elrepo.org>
sub   4096R/D3ECCB2A 2025-01-05

Once you are satisfied the key is authentic, you can import it: 

# rpm --import RPM-GPG-KEY-v2-elrepo.org

Note that our previous key, RPM-GPG-KEY-elrepo.org, has the following information:
(You need this key if you are installing our packages released before January 2025)

Location: /etc/pki/rpm-gpg/RPM-GPG-KEY-elrepo.org
Download from: elrepo.org
Download from: keys.openpgp.org
Fingerprint: 96C0 104F 6315 4731 1E0B B1AE 309B C305 BAAD AE52 

$ gpg --show-key --with-subkey-fingerprint RPM-GPG-KEY-elrepo.org
pub   dsa1024 2009-03-17 [SC]
      96C0104F631547311E0BB1AE309BC305BAADAE52
uid                      elrepo.org (RPM Signing Key for elrepo.org) <secure@elrepo.org>
sub   elg2048 2009-03-17 [E]
      FD406D02B90D5399A8EB6C13F46A3776B8C66E6D
key.txt ยท Last modified: 2025/01/11 17:16 by toracat