Verifying signature of IBM Spectrum Scale packages
All IBM Spectrum
Scale packages for Red Hat® Enterprise Linux® and SLES operating systems on all supported architectures are signed with a GPG (GNU
Privacy Guard) key by IBM. The repository metadata is also signed by IBM. You can verify that a
IBM Spectrum
Scale package and repository metadata are signed by
IBM® as follows.
The public key is located in a file that is called SpectrumScale_public_key.pgp and this file is present in the IBM Spectrum® Scale installation images that can be downloaded from IBM Fix Central. For the latest version of the public key, see IBM Spectrum Scale FAQ in IBM Documentation.
The public key is located in a file that is called SpectrumScale_public_key.pgp and this file is present in the IBM Spectrum® Scale installation images that can be downloaded from IBM Fix Central. For the latest version of the public key, see IBM Spectrum Scale FAQ in IBM Documentation.
If you are using the installation toolkit, no additional steps are required. The installation toolkit checks the signature of each package and the repository metadata automatically before installation or upgrade.
For manual installation or upgrade, if you do not want to verify that the packages are signed, no additional steps are required. The signed packages function the same as the unsigned packages. If you want to manually verify that the packages are signed by IBM, do the following steps.