[clug-talk] SuSE GPG keys

Jarrod Major jmajor at nucleus.com
Mon Sep 26 11:01:58 PDT 2005


Hey Group,

Dave Watkins just sent this my way and I thought it was too good not to pass 
it on. It appears that the install media for SuSE come with various keys they 
use included on the CD/DVD. If you have purchased a store copy of the SuSE 
package, you can be pretty confident that these are the genuine articles. 
This is one of those cases where it would be near impossible to truly verify 
the authenticity of the key but chances are good that they do in fact belong 
to SuSE. It is possible but unlikely that someone could inject their own key 
on the CD at the time when they are produced. If you have copies of SuSE 
install media you are on your own as it is hard to know how many hands it has 
passed through before coming to you. This is especially true of the copies 
acquired through things like BitTorrent. Please don't get me wrong, I believe 
that folks like Graham are in fact getting the real deal but you have to be 
paranoid to a healthy degree. Verify it with some external source like the 
SuSE website or something.

It appears that the SuSE Security team try to sign any announcements they 
publish to mailing lists and security sites. The key ID that Dave forwarded 
me is 0x3D25D3D9 and it does come up as SuSE's key. The key is in fact on my 
DVD so I was able to import it.

For those that are getting out their SuSE CD's or DVD's now they are located 
in the root (opening/default) directory of the media. To import it into your 
keyring, fire up a Konsole ;) and type the following:

gpg --import /media/SU930_001/gpg-pubkey-3d25d3d9-36e12d04.asc

substitute the name of the media as it appears in your system. tab-completion 
may be used to save you some typing.

Hope this helps somebody. It seemed like a good plan to do it. It's your call 
if you want to import all the keys they supply. I only did this one for now.
-- 
Jarrod Major
Registered Linux User: #224211
GPG Fingerprint: 4556 EFA8 EC69 7C54 EE33  C881 2C7C 0E10 2439 231E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://clug.ca/pipermail/clug-talk_clug.ca/attachments/20050926/3c35aa77/attachment.bin


More information about the clug-talk mailing list