Hi Lev Thanks a lot, I can confirm that the signature now correctly verifies with the new key. Thanks also for updating the oVirt site with the new key! Regards Jonas On 26.02.24 15:45, Lev Veyde wrote:
Hi Jonas,
New packages are currently being signed with the new 4096 bit key, which can be downloaded from: https://resources.ovirt.org/pub/keys/RPM-GPG-ovirt-v4 <https://resources.ovirt.org/pub/keys/RPM-GPG-ovirt-v4>
It was supplied automatically for EL9/C9S releases, but missed the EL8/C8S release packages.
Can you please try to import the new key manually and check if it helps?
Thanks in advance,
On Sat, Feb 24, 2024 at 11:35 AM Jonas <jonas@rabe.ch <mailto:jonas@rabe.ch>> wrote:
Some more context:
# rpm --checksig --verbose /var/cache/dnf/ovirt-45-upstream-62781357e04a3932/packages/ovirt-node-ng-image-update-4.5.5-1.el8.noarch.rpm
/var/cache/dnf/ovirt-45-upstream-62781357e04a3932/packages/ovirt-node-ng-image-update-4.5.5-1.el8.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID 24901d0c: NOKEY Header SHA256 digest: OK Header SHA1 digest: OK Payload SHA256 digest: OK V4 RSA/SHA256 Signature, key ID 24901d0c: NOKEY MD5 digest: OK _______________________________________________ Users mailing list -- users@ovirt.org <mailto:users@ovirt.org> To unsubscribe send an email to users-leave@ovirt.org <mailto:users-leave@ovirt.org> Privacy Statement: https://www.ovirt.org/privacy-policy.html <https://www.ovirt.org/privacy-policy.html> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ <https://www.ovirt.org/community/about/community-guidelines/> List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/A2KA6MLNPUJHZD... <https://lists.ovirt.org/archives/list/users@ovirt.org/message/A2KA6MLNPUJHZDLZ6NJTBT4IZT33HADS/>
--
LEV VEYDE
SENIOR SOFTWARE ENGINEER, RHCE | RHCVA | MCITP
Red Hat Israel
lev@redhat.com <mailto:lev@redhat.com> | lveyde@redhat.com <mailto:lveyde@redhat.com>
<https://red.ht/sig> TRIED. TESTED. TRUSTED. <https://redhat.com/trusted>