Overview
This article shows you how to verify the signature of the Red Hat Enterprise Linux (RHEL) agent installer file using Red Hat Package Manager (RPM) and Code42's public GPG key.
Considerations
This article assumes you have basic familiarity with Linux commands and managing RHEL packages.
Before you begin
Download the Linux agent from the Code42 console:
- Sign in to the Code42 console.
- Navigate to Administration > Agent Management > Downloads.
- Click the download icon for the appropriate RHEL package.
- Note the saved location and filename of the .rpm package.
Steps
- Copy the Code42 public key below and save it as a text file.
-----BEGIN PGP PUBLIC KEY BLOCK----- mQENBGFAxEYBCAC0sVyp1v+nl1JRhwqg/AC5IuhWsArvEtOEpAIKHkkBHpG/a85U CH3l3gZhFGfrxz7sbfQMZLpYkbyTRGIBhH77tkPxVuCo1lDe+89Pb37uJwiIq9iA UrcGJHP0lbv7IauH17biPFwDl2SCD+ufIqF33b2YSH67aeoPM5zhGc2Hfzgb86WT R87pjXhjOb5bEUTUdvBalaLUTIyU28BeRCFZNK6TtnKmPM7f/YyhQ1KFy3ULGJUH 313eaR2IusodSEV3+1b41Fsccwt2prEg+g0OTpc5otEjPrskyrmCIgdnVZ497qZE 02L0zgrr6F9uS1+9G/o01RNOhzHtRV8k/V3JABEBAAG0O0NvZGU0MiBTb2Z0d2Fy ZSBJbmMgKFNpZ25pbmcgS2V5KSA8Y2VydGlmaWNhdGVzQGNvZGU0Mi5jb20+iQFO BBMBCAA4FiEE+wqhexSuRycDnLHFX9yisutY9dAFAmFAxEYCGwMFCwkIBwIGFQoJ CAsCBBYCAwECHgECF4AACgkQX9yisutY9dAOcQf+OET0vczKCZHYvvJkuQK4ZYnO I11ua0SyU3+DrRSNgOeXH/3bv7m6unY50WzC7U9I9kEaGO62DjwsR7EdD52fnguR cmc5Xxm/yelzWqnE2dI9A8VCWHkvZN+65LVG3BlZWE6/gJl4pSSB5PF0VyWuDPoY 6VUojd4bYtzHJhGlFDgf/6hWwkDkl3Ryajf2A52f8xhPrcv2RKkDWwwelm2SWnkn HCJnIKcS6OGIn8zVJuJAuDny0aX9KJyct2urr2fpcGMPMwF8HRLjpDcObQZVsI2s 8yeEueKvJAsDxjNU107DWKhEb9wGCXGjSJNl+MdDBF+CCL5WVnSLmAKhcJgkfA== =iIPD -----END PGP PUBLIC KEY BLOCK-----
- Run this command to import the Code42 public key to your local RPM database. Replace
/path/to/key
with the path of the key file created above:rpm --import /path/to/key
- Run this command to verify the signature of the agent installer package. Replace
example.rpm
with the filename of the downloaded Code42 agent package:rpm --checksig example.rpm
A response like md5 ok, digests signatures OK, or digests ok indicates successful verification and that the package has not been corrupted or tampered with.
External resources
- Red Hat Customer Portal: Checking a Package's Signature