Document: How to configure trust in the XSEDE-Production RPM Yum repository Version: 2021-07-28 The latest and authoritative version of these instructions are at: https://software.xsede.org/production/repo/repoconfig.txt Please read this entire procedure and the final NOTES before performing any steps. a) Browse the following URL and locate the appropriate package your operating system: https://software.xsede.org/production/repo/repos/ b) Install the package located in step a, for example: sudo rpm -i https//software.xsede.org/production/repo/repos/XSEDE-Production-config..noarch.rpm You may receive a warning regarding there not being a key configured for the signature of the package. The exact phrasing differs between verions of rpm, but it should contain something similar to this: warning: /var/tmp/rpm-tmp.FIxZhN: Header V3 RSA/SHA256 Signature, key ID 20423dbb: NOKEY If you receive a warning like this, don't worry, simply complete step c) below. If you do not receive a warning, it is likely that the machine you are on already has been configured to trust XSEDE's signature, but you should still complete step c) below to confirm. c) Configure RPM to trust XSEDE's signature (PGP key) installed by the above package: sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-XSEDE-Production SECURITY NOTE: If you need greater security assurance modify the above procedure as follows: a') Browse the package directory using https and review the server's HTTPS/TLS host certificate b') Download the package over https using your favorite secure download tool c') Verify the RPM before you install it using "rpm -Kv "