gpg (GPU Privacy Guard 암호화 알고리즘)

01 gpg란

• 'GPU Privacy Guard'의 약자
  • GPU: Graphic Processing Unit의 약자
• 암호화 알고리즘
• 1991년 필립 R. 짐머만Philip R. Zimmermann이 PGP(Pretty Good Privacy)라는 전자 우편 암호화 도구를 기반으로 만든 소프트웨어

02 gpgcheck=value

• .repo 파일에서 gpgcheck=value의 의미

# vi /etc/yum.repos.d/myrepo.repo
[base]
name=CentOS-7 - Base
baseurl=http://mirror.centos.org/centos/7/os/x86_64/
gpgcheck=0

#released updates
[update]
name=CentOS-7 - Updates
baseurl=http://mirror.centos.org/centos/7/updates/x86_64/
gpgcheck=0
# yum repolist all

• gpgcheck=0
  • Disable GPG signature-checking on packages in all repositories, including local package installation
  • might need to set gpgcheck to 0 if a package is unsigned
    • but you should be wary that the package could have been maliciously altered
• gpgcheck=1 (기본값)
  • Enable GPG signature-checking on all packages in all repositories, including local package installation
  • 즉, verify the authenticity of the packages by checking the GPG signatures

참조

1. https://www.44bits.io/ko/post/add-signing-key-to-git-commit-by-gpg#gpggnu-privacy-guard%EB%9E%80
2. https://stackoverflow.com/questions/44849264/what-is-the-meaning-of-the-gpgcheck-in-repo-file 
3.  
4.