Official archive signing keys for CentOS 7 are located inside /etc/pki/rpm-gpg/
directory:
# ls /etc/pki/rpm-gpg/ RPM-GPG-KEY-CentOS-7 RPM-GPG-KEY-CentOS-Debug-7 RPM-GPG-KEY-CentOS-Testing-7
Any of the keys whether they are official CentOS 7 archive signing keys or other unofficial archive signing keys found at this location can be imported into the system by using rpm
command. For example the following linux command will import RPM-GPG-KEY-CentOS-
signing key:
# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 OR IMPORT ALL KEYS # rpm --import /etc/pki/rpm-gpg/*
To list all imported signing archive keys run:
# rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n' gpg-pubkey-f4a80eb5-53a7ff4b gpg(CentOS-7 Key (CentOS 7 Official Signing Key) ) gpg-pubkey-b6792c39-53c4fbdd gpg(CentOS-7 Debug (CentOS-7 Debuginfo RPMS) ) gpg-pubkey-8fae34bd-538f1e51 gpg(CentOS-7 Testing (CentOS 7 Testing content) )
You the above list to remove any unwanted archive signing keys. This can be done by using rpm
command:
# rpm -e gpg-pubkey-b6792c39-53c4fbdd
The CentOS-7 Debuginfo signing key is now removed:
# rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n' gpg-pubkey-f4a80eb5-53a7ff4b gpg(CentOS-7 Key (CentOS 7 Official Signing Key) ) gpg-pubkey-8fae34bd-538f1e51 gpg(CentOS-7 Testing (CentOS 7 Testing content) )