On a Linux system, such as AlmaLinux, a GPG (GNU Privacy Guard) key is used to confirm the integrity and validity of packages before installing or updating software. The GPG key verifies that packages have not been altered and are from a reliable source when you install or upgrade them. The current GPG key used to sign packages for AlmaLinux 8 expired in January 2024. Therefore most of the Almalinux 8 users which uses package versions lower than 8.8-3.el8
may find an error when trying to update or install packages. This error will be like ‘GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux’. or ‘Error: GPG check FAILED’
To resolve this and update or install packages, users need to import the correct GPG Key. This tutorial presents a simple approach to fix this issue and stabilize your system.
Refresh the Repository
Refreshing the Almalinux repository can solve the errors related to GPG keys by ensuring that the package manager retrieves the latest metadata and package information, including the GPG keys, from the repository. This method is not always a success but it may sometimes fix the issue:
yum clean all
yum makecache
Importing Correct Master GPG Key
The primary method for resolving this issue was to import GPG keys. To prevent encountering errors during updates or installations of AlmaLinux 8 packages, execute the following command to import the correct master key:
rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux
This command will execute without any outputs!
Upgrade the AlmaLinux Release Package
After importing the master GPG key, it is advised to upgrade Almalinux release packages. Upgrading the AlmaLinux release package ensures the new GPG key is properly integrated, repository configurations are updated, and the system maintains security and operational standards for seamless future updates. To upgrade it, execute the command:
dnf upgrade almalinux-release
How to Test Everything Working?
Finally, to test if the GPG key issue is resolved, simply install a package or update your AlmaLinux system. If no errors like ‘GPG Keys configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux’ occur during these operations, it indicates the successful resolution of the issue.
For example, to install a package:
yum install package-name
Regularly verifying and updating GPG keys in your system administration routine is vital to protect the package management integrity. By prioritizing these security measures, you can mitigate potential risks and ensure a robust foundation for your AlmaLinux system.