From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1) Gecko/20031114 Description of problem: When trying to import a key into rpm, I did the following: gpg --recv-keys --keyserver pgp.mit.edu 8df56d05 gpg --armor --export 8df56d05 > /etc/apt/FEDORA-SECURITY-KEY rpm --import /etc/apt/FEDORA-SECURITY-KEY Nothing happens (no error message) and the key does not show up in rpm -qa gpg-pubkey* looking at the key file, it has: Version: GnuPG v1.2.2 (GNU/Linux) I then downloaded the key file from http://www.fedora.us/FEDORA-GPG-KEY which has: Version: GnuPG v1.2.1 (GNU/Linux) rpm --import works fine on this file. Same goes for redhat fedora keys, file from /usr/share/rhn/RPM-GPG-KEY-fedora can be imported successfully into rpm, but the same key received through: gpg --recv-keys --keyserver pgp.mit.edu 4f2a6fd2 does not work. Version-Release number of selected component (if applicable): rpm-4.2.1-0.30, gnupg-1.2.2-3 How reproducible: Always Steps to Reproduce: 1.make sure rpm does not have the key imported already. (check rpm -qa gpg-pubkey*) 2. gpg --recv-keys --keyserver pgp.mit.edu 4f2a6fd2 3. gpg --armor --export 4f2a6fd2 > tmpkey 4. rpm --import tmpkey 5. rpm -qa gpg-pubkey* --> you won't see the new key. 6. If you have the file in usr/share/rhn/RPM-GPG-KEY-fedora, rpm --import /usr/share/rhn/RPM-GPG-KEY-fedora 7. rpm -qa gpg-pubkey* -> you will see the new key. Either RPM does not recognize version 1.2.2 GPG keys, or GPG-1.2.2 is at fault. Additional info:
rpm supports only a subset of OpenPGP, sufficient for verifying packages. If your key came from a server, then you will need to import the key using gpg, and edit out the signature added by the server before exporting.