Skip to navigation

Product Signing (GPG) Keys

We use a number of GPG keys to sign our software packages. The necessary public keys are included in the relevant products and are used to automatically verify software updates. You can also verify the packages manually using the keys on this page.

Run the following command to verify an RPM package for a Red Hat product:

rpm --checksig -v <filename>.rpm

The output of this command shows whether the package is signed and which key signed it.

Release Package Signing

Please do not use package-signing keys to encrypt email messages. Refer to the Contacting Red Hat Securely section for secure communication information.

fd431d51: Red Hat, Inc. (release key 2) <security@redhat.com>

This key is used for signing Red Hat products released after October 2010 and their updates.

Location (Red Hat Enterprise Linux 6): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Download: Red Hat
Download: pgp.mit.edu
Fingerprint: 567E 347A D004 4ADE 55BA 8A5F 199E 2F91 FD43 1D51

37017186: Red Hat, Inc. (release key) <security@redhat.com>

This key is used for signing all Red Hat products released after January 2007 and their updates.

Location (Red Hat Enterprise Linux 5): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Location (Red Hat Enterprise Linux 6): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-legacy-release
Download: Red Hat
Download: pgp.mit.edu
Fingerprint: 47DB 2877 89B2 1722 B6D9 5DDE 5326 8101 3701 7186

2fa658e0: Red Hat, Inc. (auxiliary key) <security@redhat.com>

This is our disaster recovery key. In the unlikely event we lose the ability to sign with our master hardware keys, we would switch to using this key.

Location (Red Hat Enterprise Linux 6): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Location (Red Hat Enterprise Linux 5): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Download: pgp.mit.edu
Fingerprint: 43A6 E49C 4A38 F4BE 9ABF 2A53 4568 9C88 2FA6 58E0

db42a60e: Red Hat, Inc. <security@redhat.com>

This key was used for signing all Red Hat products released prior to January 2007 as well as signing all past and future updates for those products.

Location (Red Hat Enterprise Linux 2.1, 3, and 4): /usr/share/rhn/RPM-GPG-KEY
Location (Red Hat Enterprise Linux 5): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-former
Location (Red Hat Enterprise Linux 6): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-legacy-former
Download: Red Hat
Download: pgp.mit.edu
Fingerprint: CA20 8686 2BD6 9DFC 65F6 ECC4 2191 80CD DB42 A60E

42193e6b: Red Hat, Inc. (RHX key) <rhx-support@redhat.com>

This key is used for signing packages distributed by Red Hat Exchange.

Location (Red Hat Exchange): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-rhx
Location (Red Hat Enterprise Linux 6): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-legacy-rhx
Download: Red Hat
Download: pgp.mit.edu
Fingerprint: 01AD EFD1 5A95 AE43 14DE 83C2 39A1 3A12 4219 3E6B

Beta Package Signing

897da07a: Red Hat, Inc. (beta test software) <rawhide@redhat.com>

This key is used for signing Red Hat beta test products.

Location (Red Hat Enterprise Linux 2.1, 3, and 4): /usr/share/rhn/BETA-RPM-GPG-KEY
Location (Red Hat Enterprise Linux 5): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
Location (Red Hat Enterprise Linux 6): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
Download: Red Hat
Download: pgp.mit.edu
Fingerprint: 17E8 543D 1D4A A5FA A96A 7E9F FD37 2689 897D A07A

f21541eb: Red Hat, Inc. (beta key 2) <security@redhat.com>

This key is used for signing selected Red Hat beta test products due for release after November 2009.

Location (Red Hat Enterprise Linux 6): /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
Download: Red Hat
Download: pgp.mit.edu
Fingerprint: B08B 659E E86A F623 BC90 E8DB 938A 80CA F215 41EB