Technology Errors

GPG key retrieval failed: [Errno 5] OSError: [Errno 2] No such file or directory: /etc/pki/rpm-gpg/RPM-GPG-KEY-remi

Earlier while upgrading PHP to version 5.3.5 on a CentOS server I copied over the details of the remi repository from another server I had upgraded PHP on. Once I started the transaction all looked well until Yum needed to verify the remi repo RPM GPG key which I had not installed so an error was provided and Yum stopped the PHP upgrade process. You can get around the RPM GPG key error by simply using the –nogpgcheck switch however that is not the correct way to resolve the problem. You should instead install the RPM GPG key and the below example shows how to install the RPM GPG key for the remi repo.

Information Security

Installing Virtual Box on Backtrack 4 R2

Lately I have had a lot of requests on how to install Sun’s Virtual Box on Backtrack 4. Virtual Box is a virtual environment similar to Vmware but it is free. Virtual Box will allow you to run other operating systems on your host. This can be useful for security because you will not harm any one or any thing will practicing.
It should be noted that adding third party repositories to any distribution can cause problems. That being said, many of us have downloaded and installed Virtual box using this method with out any problems.

Below I will outline the few simple steps to install Virtual Box

Technology Insights

Generate A GPG Key To Sign RPM Packages Created Using rpmbuild On CentOS Linux

I have been playing around with building RPM packages today on CentOS because I needed to upgrade curl and the latest version available on CentOS didn’t have the features I needed to use. One of the things that had come h up during the RPM build process and the RPM package installation process using yum was the fact that your RPM packages should be signed. Signing RPM packages gives them some validity and will allow others to install them without having to modify their yum.conf file. Below I describe how to generate a GPG key to be used to sign RPM packages created using the rpmbuild command. First below is a message that will be received when attempting to install unsigned packages using yum with the default yum configuration.

Technology Insights

Not enough random bytes available. Please do some other work to give the OS a chance to collect more entropy! (Need 283 more bytes)

When working to create a GPG key to sign some RPM packages I was building I ran into a message I had never seen before. I was building the RPM packages on an older server with not a lot of power which I am assuming contributed to my issue. The error is noted below but basically means you need to generate a lot of random bytes which are used to create a unique key. Within the error it states that the computer needs to collect more entropy so below I explain the error in more detail, what entropy means, why more entropy is needed, and how to generate as much as possible in a short amount of time to finish generating the GPG key.

Technology Errors

Yum Error: Package curl-7.20.0-1.i386.rpm is not signed, Install A Yum Package That Is Not Signed

Today I have been working on a project for work that involved accessing FTPS using curl. I needed the curl –libcurl switch which is not available in curl 7.15 so I needed to upgrade curl on the CentOS server I was working on. The problem is that there are not any repos with newer versions of curl available so then I set out to create my own curl RPM package. I was able to do this while learning many things along the way such as signing RPM packages. The first revision of my curl RPM package was not signed but I wanted to go ahead and install it anyway so below I explain installing unsigned RPM packages using yum.