To verify the GPG keys

Purpose

The following steps describe how to download and verify the NSP GPG public key and third-party keys in order to verify the GPG signatures of downloaded NSP RPM installation files.

Steps
 

Download the following file from the Nokia Support Portal to a temporary directory on a RHEL station:

nsp-signing-keys.zip


Log in as the root user on the RHEL station.


Open a console window.


Navigate to the directory that contains the downloaded file.


Enter the following:

unzip nsp-signing-keys.zip ↵

The GPG key files are extracted to the current directory.


Enter the following to display the NSP key fingerprint:

gpg gpg --show-keys --with-fingerprint --keyid-format=short nsp-rpm-signing-public-key.key ↵

Output like the following is displayed:

pub   rsa4096/C7C20997 date [SCEA]

      Key fingerprint = 7809 77B0 BA34 052A 1E18  56CE B78C C956 C7C2 0997

uid                    Nokia Corporation (NOKIA-RPM-GPG-KEY) <portal.support@nokia.com>


Review and verify the fingerprint.


If you are not performing the procedure on an NFM-P main server, go to Step 11.


Enter the following to display the td-agent key fingerprint:

gpg --show-keys --with-fingerprint --keyid-format=short GPG-KEY-td-agent↵

Output like the following is displayed:

pub   rsa4096/AB97ACBE date [SC]

      Key fingerprint = BEE6 8228 9B22 17F4 5AF4  CC3F 901F 9177 AB97 ACBE

uid                    Treasure Data, Inc (Treasure Agent Official Signing key) <support@treasure-data.com>

sub   rsa4096/A71065E9 date [E]


10 

Review and verify the fingerprint.


11 

If the fingerprint value matches the value shown in the command output, the key is valid; otherwise, contact Nokia technical support.


12 

Close the console window.

End of steps