RHEL: Importing Dell key from linux.dell.com into Red Hat Enterprise Linux 9 errors with "Hash algorithm SHA1 is not available"
Сводка: Importing the Dell key signed by "PG Hypervisor Engineering" into Red Hat Enterprise Linux 9 causes the error "Signature not supported". This key is only used for VMware purposes with no failure and is not necessary for any other Linux versions. ...
Симптомы
Importing a specific public Dell key on Red Hat Enterprise Linux version 9 fails as seen below:
rpm -I https://linux.dell.com/files/pgp_pubkeys/0x274E9C32857A9594.asc
warning: Signature not supported. Hash algorithm SHA1 not available.
This error may also occur if this key is added to the yum.repos.d configuration file for a local copy of the Dell Update Package (DUP) and OpenManage Server Administrator (OMSA) repository.
Причина
Red Hat Enterprise Linux 9 by default rejects importing keys exclusively using legacy SHA1 hashing.
Разрешение
This specific key with filename 0x274E9C32857A9594.asc is only used by Dell for signing two DUP catalogs used exclusively for VMware ESXi and vSAN configurations. Unlike the other publicly posted keys in https://linux.dell.com/files/pgp_pubkeys/, this key should not be used to or imported into any other Linux release. It can be removed as a GNU Privacy Guard (GPG) key within any /etc/yum.repos.d/ configuration file as well. All other keys are signed with both SHA2 and SHA512 hashes acceptable to Red Hat Enterprise Linux 9 security policies.