This is Gentoo's testing wiki. It is a non-operational environment and its textual content is outdated.
Please visit our production wiki at https://wiki.gentoo.org
Project Talk:Portage/Repository Verification
From Gentoo Wiki (test)
Note
This is a talk page. Please add newer comments below older ones, and sign your comments using four tildes (
This is a talk page. Please add newer comments below older ones, and sign your comments using four tildes (
~~~~).
When adding a new section (at the bottom of the page), please mark it as "open for discussion" by using {{talk|open}} so it will show up in the list of open discussions.Keys package incorrect
Talk status
This discussion is done.
>In order for verification work correctly, the user has to have an up-to-date Infrastructure OpenPGP public key installed. Currently, this is done through the app-crypt/gentoo-keys package. The key has a yearly expiration date, therefore the user needs to sync and upgrade the package before the previous key expires.
Is this still "current"? As of portage-2.3.40-r1, I don't have gentoo-keys installed, yet verification is working:
* Running emerge --sync >>> Syncing repository 'gentoo' into '/usr/portage'... * Using keys from /usr/share/openpgp-keys/gentoo-release.asc * Refreshing keys from keyserver ... [ ok ] >>> Starting rsync with rsync://88.198.69.178/gentoo-portage...
$ equery b /usr/share/openpgp-keys/gentoo-release.asc
* Searching for /usr/share/openpgp-keys/gentoo-release.asc ...app-crypt/openpgp-keys-gentoo-release-20180530 (/usr/share/openpgp-keys/gentoo-release.asc)
— The preceding unsigned comment was added by Thinrope (talk • contribs)