fedora-docs / quick-docs

Clone
Source Code
GIT

#291 DNF System Upgrade doesn't mention Importing GPG key confirmation
Closed: complete a year ago by ankursinha. Opened 3 years ago by skierpage.

Closed: complete
Reopen Issue

Following https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/ , step 3 "Download the updated packages" paused to ask me to OK importing GPG keys. This isn't mentioned in the documentation. 

warning: /var/lib/dnf/system-upgrade/updates-0e22a1f5a0a34771/packages/dnf-4.4.0-2.fc33.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID 9570ff31: NOKEY
Fedora 33 - x86_64 - Updates                                                         1.6 MB/s | 1.6 kB     00:00    
Importing GPG key 0x9570FF31:
 Userid     : "Fedora (33) <fedora-33-primary@fedoraproject.org>"
 Fingerprint: 963A 2BEB 0200 9608 FE67 EA42 49FD 7749 9570 FF31
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-33-x86_64
Is this ok [y/N]: y
Key imported successfully
warning: /var/lib/dnf/system-upgrade/rpmfusion-free-1c684ae80260c384/packages/compat-ffmpeg28-2.8.17-3.fc33.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID d651ff2e: NOKEY
RPM Fusion for Fedora 33 - Free                                                      1.6 MB/s | 1.7 kB     00:00    
Importing GPG key 0xD651FF2E:
 Userid     : "RPM Fusion free repository for Fedora (2020) <rpmfusion-buildsys@lists.rpmfusion.org>"
 Fingerprint: E9A4 91A3 DE24 7814 E7E0 67EA E06F 8ECD D651 FF2E
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora-33
Is this ok [y/N]:

Before the paragraph "If you are upgrading to Rawhide, ..." the page should say something like:

You will be prompted to confirm the import of the "GPG key" that Fedora used to sign all the packages you just downloaded. This lets DNF verify the packages are correct., but you should check that the key you're invited to import is the correct one. Visit https://getfedora.org/security/ and confirm that the fingerprint of the "Package signing key" there for the release matches the key that you're prompted to import. If so, then enter "y" to continue.

I was also prompted to import the key for RPM Fusion, whose fingerprint is at https://rpmfusion.org/keys ; I don't know how common this is.

Anyone ready to take on this issue?

Please, could one of you create a proposal for a text with the aforementioned addition?

The easiest way may be to use the page editor. On the light gray breadcrumb bar above the title, it is the second icon from the right side (imitation of a pen on a sheet of paper). It takes care of all the technical details of the repo management.

Done 8 months ago in https://pagure.io/fedora-docs/quick-docs/c/04d42c28e66664887d57ac5331ae5b559bc4ce9a?branch=7b8aab3986c5dbb762a873cac9821ab0820b9e70

I think this paragraph is enough, please reopen if you disagree.

It seems like I can't close this issue, maybe someone else can? (Clicked Comment & Close but it still is displaced as open)

Metadata Update from @ankursinha:
- Issue close_status updated to: complete
- Issue status updated to: Closed (was: Open)
a year ago

Login to comment on this ticket.

Metadata
None
None
None
None
awaiting triage
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.