Is the new 'home:ignis OBS Project' a legitimate key?

un_the_sun_the_sun · June 20, 2025, 6:16am

When I went to update my system today I got this message.

Looking for gpg keys in repository home:ignis.
  gpgkey=https://download.opensuse.org/repositories/home:/ignis/openSUSE_Tumbleweed/repodata/repomd.xml.key

New repository or package signing key received:

  Repository:       home:ignis
  Key Fingerprint:  12BA 25A4 5D6F 4ED3 C123 C9D3 90A7 32EE D791 70CD
  Key Name:         home:ignis OBS Project <home:ignis@build.opensuse.org>
  Key Algorithm:    RSA 4096
  Key Created:      Thu 22 Aug 2024 12:36:03 AM EEST
  Key Expires:      Fri 30 Oct 2026 11:36:00 PM EET
  Rpm Name:         gpg-pubkey-d79170cd-66c65dc3

I am wondering if this key is legitimate.

knurpht · June 20, 2025, 6:23am

Hi, welcome here
You should not use home: or devel: repos. These can seriously break your system.

knurpht · June 20, 2025, 6:26am

Replying to self:

devel: repos are untested
home: repos are the place(s) where devs/packagers break things until they can push them to the distro.

un_the_sun_the_sun · June 20, 2025, 6:35am

Running zypper pa -ir home:ignis outputs

    Note: Repository 'home:ignis' is out-of-date. You can run 'zypper refresh' as root to update it.
Loading repository data...
Reading installed packages...
No packages found.

So since there are no packages installed from this repo should I just remove it?

marel · June 20, 2025, 7:08am

Yes, remove it.

Would be also good to review your complete repo list, if you have this seemingly unknowingly installed it could be there are more things that are not better there.

un_the_sun_the_sun · June 20, 2025, 7:10am

Thanks for your help.

system · June 27, 2025, 7:10am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.