public key for pgdg-redhat-repo-latest.noarch.rpm is not installed | Solved

ByGary Kee

When working with RPM-based systems like Red Hat or CentOS, you might encounter an error stating that the “public key for pgdg-redhat-repo-latest.noarch.rpm is not installed.” 

This issue arises when you try to install PostgreSQL or any other software from the PostgreSQL Global Development Group (PGDG) repository, and the system cannot verify the authenticity of the package due to a missing GPG key.

public key for pgdg-redhat-repo-latest.noarch.rpm is not installed Solved

What Causes this Error? 

RPM packages are often signed with a GPG (GNU Privacy Guard) key to ensure that they haven’t been tampered with. When you try to install an RPM package, your system checks this signature against a locally stored public key. If the public key is not available, your system cannot verify the package, resulting in the error.

What Is a GPG Key, and Why Is It Important? 

A GPG key is a cryptographic key used for signing packages. It ensures that the package you are installing is authentic and has not been tampered with. Without verifying the GPG key, there is a risk of installing compromised software.

How to Import an RPM GPG Key?

Below are the methods of importing an RPM GPG key onto your system.

1. Importing the GPG Key Manually

The most straightforward solution is to manually import the missing GPG key. The GPG key is usually available on the PostgreSQL official website or from the repository’s metadata.

To import the GPG key, you can use the following command:

sudo rpm —import https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG

This command imports the GPG key directly from the PostgreSQL repository. The rpm –import command tells your system to download and install the GPG key specified by the URL.

After importing the key, try installing the package again. Your system should now be able to verify the package’s authenticity.

2. Installing the Key via Package

Sometimes, the GPG key might be available as a package itself. This can be useful if you prefer to manage GPG keys through your package manager.

To install the key package, use:

sudo yum install -y pgdg-redhat-repo

This command installs the PostgreSQL repository package for Red Hat-based systems. The yum package manager is instructed to fetch and install the pgdg-redhat-repo package, which includes the GPG key and other necessary configurations. The -y flag automatically answers “yes” to any prompts during installation.

Once installed, the repository configuration and GPG key should be in place, allowing you to install PostgreSQL packages without any issues.

3. Verifying the GPG Key Installation

After importing the GPG key, it’s good practice to verify that it’s correctly installed on your system.

You can list the installed GPG keys with:

sudo rpm –q gpg-pubkey

This command queries the RPM database for installed GPG keys. It will display a list of keys with their corresponding IDs and installation dates. Check if the key for PostgreSQL is listed.

If the key is correctly installed, you should see an entry corresponding to the PostgreSQL GPG key.

Can I Bypass the GPG Key Verification?

You can bypass the verification by using the –nogpgcheck option with yum or rpm. 

sudo yum install –nogpgcheck package_name

However, this is not recommended as it exposes your system to potential security risks. It’s always safer to verify the authenticity of the packages you install and we strongly advise against bypassing GPG key verification.

The risks involved with GPG key verification are:

Compromised Packages: Without verification, you could install packages altered by malicious actors, potentially leading to data theft, system compromise, or ransomware attacks.

Supply Chain Attacks: Bypassing verification opens your system to supply chain attacks, where malicious code is introduced into legitimate software.

Frequently Asked Questions

Where is the GPG key in Redhat?

The default location for the verification keys is the file “/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release”. 

How to check GPG key RPM?

You can check the validity of an RPM package’s cryptographic signature using the “rpm -K” command. A successful verification will display “gpg” or “pgp” followed by “OK” if the signature matches the one stored in the RPM database. If the package lacks a signature but its checksums are correct, you’ll still see “OK” but without the “gpg” or “pgp” indicator. 

I imported the GPG key, but the error persists. What should I do?

If the error persists after importing the key, ensure that the key URL is correct and that there are no network issues preventing your system from accessing it. You may also try clearing the yum cache using sudo yum clean all and then attempting the installation again.

Conclusion

The “public key for pgdg-redhat-repo-latest.noarch.rpm is not installed” error is a common issue when working with RPM-based systems and third-party repositories like PostgreSQL’s. Knowing how to resolve this issue through manual import or package installation, you can maintain the security and integrity of your system. 

Always ensure that your system has the correct public keys installed to verify the authenticity of the packages you are installing. Thanks for reading!

Similar Posts

Understanding And Resolving “Cannot Initialize The Data Source Object Of Ole Db Provider” Error

Understanding And Resolving “Cannot Initialize The Data Source Object Of Ole Db Provider” Error

ByNolan Granger

The issue of “Cannot initialize the data source object of OLE DB provider” often perplexes users dealing with database connectivity and OLE DB provider configurations. This problem, while frustrating, can be resolved by understanding its origins and employing effective troubleshooting steps. In this article, we’ll explore the causes behind this error, strategies to address it,…

SQL Server Maintenance Plan Best Practices | Detailed Guideline 
|

SQL Server Maintenance Plan Best Practices | Detailed Guideline 

ByNolan Granger

SQL Server maintenance plans are a critical component of any SQL Server environment. They help to ensure that your database is healthy and performing at its best. For SQL Server maintenance plans, including best practices for creating, executing, and monitoring them the whole article would be a great handnote. We will also discuss some common…

How to Move a Table Into a Schema in T-SQL? Comprehensive Guide

How to Move a Table Into a Schema in T-SQL? Comprehensive Guide

ByNolan Granger

As an SQL Server DBA, you may often need to reorganize your database structure by moving tables between different schemas. Whether you’re consolidating related tables, segregating tables for security, or simply restructuring your database, transferring tables across schemas is a common task. We are planning here to explore the ins and outs of relocating tables…

How to Use Hive Metastore in Spark | A Complete Guide 
|

How to Use Hive Metastore in Spark | A Complete Guide 

ByNolan Granger

Apache Spark is a powerful open-source distributed system that enables large-scale data processing. One of its key components, Spark SQL, offers a programming interface for seamless data manipulation. And by integrating it with Hive, a fault-tolerant data warehouse system, you can upscale its analytical capabilities.  The Hive Metastore plays a crucial role in this integration,…

Power Query Add Columns From Another Table | 2 Methods and Issues Discussed

Power Query Add Columns From Another Table | 2 Methods and Issues Discussed

ByNolan Granger

Power Query, a data manipulation tool integrated with Excel, enables users to perform various data transformations, including adding columns from another table. This capability is particularly useful when combining data from multiple sources and enriching existing datasets with additional information. The methodologies and associated issues will be discussed in the following sections. Prerequisites for Adding…

Leave a Reply

Your email address will not be published. Required fields are marked *