Software installs requesting only an admin password as intervention from the user
Actual behaviour:
Error/warning about"Signature verification". Ignoring this (on all the software installation this occurs) seems to complete the installation without any issues.
Error: INVALID:slack-4.12.2-0.1.fc21.x86_64 (file-79716bdd): Signature verification failed [4-Signatures public key is not available]
Header V4 RSA/SHA1 Signature, key ID 8e6c9578: NOKEY
Header SHA1 digest: OK
MD5 digest: OK
So far this has happened with all the software I have installed outside of the openSUSE repositories.
A little research with the original modal error (and not searching for the details inside it) revealed another thread where someone was having this issue. Importing the gpg key to prevents the warnings from coming up - but importing that key is a separate step.
Zoom, there is a link on the download page to download the public key.
vscode, there are instructions to install from the command line, which include importing the public key (there is also a “download” page on the vscode site that just downloads the package resulting in this signature verification error - you don’t have the key!)
Fairly new to openSUSE and this isn’t something that has ever come up as a warning/error/issue on other distros. I’m assuming that openSUSE just takes a slightly difference approach to security - another example being that openSUSE is the only distro that asks me for a wallet password each login to connect to the wifi :sarcastic:
Yes, it pays to use the YaST Repository Manager to check the status of the repository keys – usually a simple “refresh all activated repositories” does the trick …
Also, from within the Repository Manager, occasionally check the list of known keys for expired keys …