My problem I think is very simple. I would like to have opkg verify signatures before installing packages from my custom opkg repository. The issue I am having is that the keys I added to the opkg-keyrings yocto recipe are all marked as unknown on the target by gpg. They are all installed though. So when i attempt to install a package form my custom repository, It fails because there are no trusted keys. I do not believe that this is a yocto bug, but I am running rocko.
Thank you.
I have gone through the relevant recipes and just don't see anything to change the behavior.
when i attempt to run opkg update i receive the following error.
Collected errors:
opkg_verify_gpg_signature: No sufficently trusted public keys found.
gpg -k result on target(verify fails)
uid [ unknown]
gpg -k result on pc where verify succeeds.
uid
[ultimate]
opkg-key populate opkg-key adv --list-keys --fingerprint --with-colons |\ sed -E -n -e 's/^fpr:::::::::([0-9A-F]+):$/\1:6/p' |\ opkg-key adv --import-ownertrust
I wanted to add this for anyone who finds the question. I ended up adding a service at start up that runs a script that enables the keys. I have included the key portions of the script above.