GPG keys used by various Linux distributions to sign packages.
- Amazon Linux
- Alma Linux
- COPR repositories
- CentOS
- EPEL
- EuroLinux
- Fedora
- Mageia
- OpenMandriva
- OpenSuse
- Oracle Linux
- Qubes
- Rocky Linux
- RosaLinux
- RPM Fusion
- Red Hat
- Navy Linux
- Scientific Linux
- United RPMs
and for third parties repos:
- Adobe
- Brave
- BlueJeans
- CalcForge
- Datto
- Dell
- Dropbox
- IUS
- JPackage
- MariaDB
- MySQL
- Microsoft
- PostgreSQL RPM Building Project
- Remi's
- Skype
- VirtualBox
- Zimbra
- Zoom
it intentionally does not include keys for Ubuntu as there exists the package ubu-keyring, for Debian as there exists the package debian-keyring, for ArchLinux as there exists the package archlinux-keyrings.
For up to date list of keys see SOURCES.md.
If you are owner of the GPG key, you can generate TYPE 61 DNS records and clients can verify it using DNSSEC and Different OpenGPG DNS entries for the same email.
Here is overview of availability of DNS entries for GPG keys:
| Provider | DNS entry | DNSSEC |
|---|---|---|
| Fedora | ✔️ | ✔️ |
| Epel | ✔️ | ✔️ |
| Red Hat | ✔️ | ❌ |
| CentOS | requested | ❌ |
| OpenSuse | ✔️ | ✔️ |
| RPM Fusion | requested | ❌ |
| Dropbox | requested | ❌ |
The keys can be fetched using resolvectl openpgp EMAIL. e.g. resolvectl openpgp [email protected]
If you are going to package this project, then consider packaging Copr keys as subpackage as it is quite big.
This project is available as a package in Fedora, EPEL, openSUSE, archLinux, Mageia, OpenMandriva.
To get tar.gz:
dnf install tito
git clone git://github.com/xsuchy/distribution-gpg-keys.git
cd distribution-gpg-keys
tito build --tgz
To get SRPM:
tito build --srpm
To get RPM:
tito build --rpm
To create new release:
# do NOT create changelog entries
git commit
tito tag
git push && git push --tags