"The GPG keys listed for the "atomicrocketturtle.com" repository are already installed but they are not correct for this package."
23,283
For me, looking into the newer atomic-release package rpm it seems that a new GPG key was added and is in use so if you didn't upgrade for a while you'll likely get this issue.
To fix you need to manually download and import the key and update the repo config:
wget https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt
mv RPM-GPG-KEY.atomicorp.txt /etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt
Change /etc/yum.repos.d/atomic.repo. Lines:
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY.art.txt
Need an additional entry and become:
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY.art.txt
file:///etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt
Related videos on Youtube
Author by
Russ Back
Updated on September 18, 2022Comments
-
Russ Back over 1 year
When running this on CentOS 6:
yum update
I accept the transaction summary that it presents and am then immediately presented with this:
Downloading Packages: warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID 4520afa9: NOKEY Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY.art.txt The GPG keys listed for the "CentOS / Red Hat Enterprise Linux 6 - atomicrocketturtle.com" repository are already installed but they are not correct for this package. Check that the correct key URLs are configured for this repository.
How can I fix this issue?
When I run this:
rpm -q --queryformat "%{SUMMARY}\n" gpg-pubkey
I get this response:
gpg(CentOS-6 Key (CentOS 6 Official Signing Key) <[email protected]>) gpg(EPEL (6) <[email protected]>) gpg(Atomic Rocket Turtle <[email protected]>) gpg(New Relic <[email protected]>)
-
Russ Back almost 10 yearsI've added the output of that to the original question.
-
ILMostro_7 almost 6 yearsIf the key is imported into the rpm database already, it may not be necessary to add it to the repo file. According to
yum.conf(5)
: gpgkey A URL pointing to the ASCII-armored GPG key file for the repository. This option is used if yum needs a public key to verify a package and the required key hasn't been imported into the RPM data‐ base. If this option is set, yum will automatically import the key from the specified URL. You will be prompted before the key is installed unless the assumeyes option is set.