TomIGo2
commented
1 week ago Sorry forgot the attachment the first time!
Open TomIGo2 opened 1 week ago
TomIGo2
commented
1 week ago Sorry forgot the attachment the first time!
andrii-suse
commented
6 days ago My guess that you should just check that the fingerprint of that key matches the one in OBS project : https://build.opensuse.org/projects/security/signing_keys
Then trust it. Or am I missing something and you expect some other behavior?
eliroca
commented
6 days ago The new key was announced on the openSUSE Factory mailing list: https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/YVT6FO5QFKV7D6HLWV53UCYNPYMJKZ5E/
For the last week or more when I attempt to do updates to my system via Yast I get a pop-up window asking me to import the key for the repository saying the key has not yet been trusted (see attachment), but I had imported the key back when the repository was first added.
When I look at the repodata directory, everything is shown as modified 9/25/2024, but the message about import of the key shows a date of 9/23/2024.
After I cancel the import and the other repositories are refreshed, I get an error: There was an error in the repository initialization. [15.5|http://download.opensuse.org/repositories/security/15.5] Valid metadata not found at specified URL History: - Signature verification failed for repomd.xml.
Just want to verify the correctness of the key I will be importing!