~~NOTOC~~
======Create own YUM repository======
====Create a GPG key====
  $ gpg --gen-key
  gpg (GnuPG) 2.0.14; Copyright (C) 2009 Free Software Foundation, Inc.
  This is free software: you are free to change and redistribute it.
  There is NO WARRANTY, to the extent permitted by law.
  
  gpg: keyring `/home/herwarth/.gnupg/secring.gpg' created
  gpg: keyring `/home/herwarth/.gnupg/pubring.gpg' created
  Please select what kind of key you want:
     (1) RSA and RSA (default)
     (2) DSA and Elgamal
     (3) DSA (sign only)
     (4) RSA (sign only)
  Your selection? 1
  RSA keys may be between 1024 and 4096 bits long.
  What keysize do you want? (2048) 
  Requested keysize is 2048 bits
  Please specify how long the key should be valid.
           0 = key does not expire
        <n>  = key expires in n days
        <n>w = key expires in n weeks
        <n>m = key expires in n months
        <n>y = key expires in n years
  Key is valid for? (0) 
  Key does not expire at all
  Is this correct? (y/N) y
  
  GnuPG needs to construct a user ID to identify your key.
  
  Real name: Herwarth Heitmann
  Email address: herwarth@helux.nl
  Comment: 
  You selected this USER-ID:
      "Herwarth Heitmann <herwarth@helux.nl>"
  
  Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
  You need a Passphrase to protect your secret key.
  
  can't connect to `/home/herwarth/.gnupg/S.gpg-agent': No such file or directory
  gpg-agent[20906]: directory `/home/herwarth/.gnupg/private-keys-v1.d' created
  We need to generate a lot of random bytes. It is a good idea to perform
  some other action (type on the keyboard, move the mouse, utilize the
  disks) during the prime generation; this gives the random number
  generator a better chance to gain enough entropy.
  gpg: /home/herwarth/.gnupg/trustdb.gpg: trustdb created
  gpg: key 979378E8 marked as ultimately trusted
  public and secret key created and signed.
  
  gpg: checking the trustdb
  gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
  gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
  pub   2048R/979378E8 2014-03-26
        Key fingerprint = DEEC DC77 B760 2E2D DBF2  F301 10AF 22F0 9793 78E8
  uid                  Herwarth Heitmann <herwarth@helux.nl>
  sub   2048R/6A9C1E44 2014-03-26
  $
====Export key====
  $ gpg --export -a 'Herwarth Heitmann' > RPM-GPG-KEY-helux
  
  rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}\n'
  gpg-pubkey-c105b9de-4e0fd3a3 --> gpg(CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>)
  gpg-pubkey-0608b895-4bd22942 --> gpg(EPEL (6) <epel@fedoraproject.org>)
  gpg-pubkey-5568bbb2-4cb9de99 --> gpg(RPM Fusion nonfree repository for EL (6) <rpmfusion-buildsys@lists.rpmfusion.org>)
  gpg-pubkey-baadae52-49beffa4 --> gpg(elrepo.org (RPM Signing Key for elrepo.org) <secure@elrepo.org>)
  gpg-pubkey-b06eb1af-51752a64 --> gpg(Helux <info@helux.nl>)
Remove old key
  # rpm -e --allmatches gpg-pubkey-b06eb1af-51752a64

Install new key
  # rpm --import RPM-GPG-KEY-helux

Create some stuff to sign RPMs
  $ cd ~
  $ vi .rpmmacros

  %_signature gpg
  %_gpg_name Herwarth Heitmann


{{tag>centos}}