Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

CB Response: How can the public key be downloaded for RPM packages (NO KEY)?

CB Response: How can the public key be downloaded for RPM packages (NO KEY)?

Environment

  • Carbon Black Response Server: All Versions
  • Carbon Black Response Sensor: All Versions
  • Linux: All Supported Versions
  • macOS: All Supported Versions
  • Microsoft Windows: All Supported Versions

Question

How can the public key be downloaded when receiving an error message like this for rpm packages on the CB Response Server?
warning: /tmp/cb-linux-sensor-installer-6.1.9.10139-1.noarch.rpm: Header V4 RSA/SHA1 Signature, key ID 6ac57704: NOKEY
WARNING: SensorInstallerDirLinux config value not found or empty -- using default value (/usr/share/cb/coreservices/installers/linux)

Answer

  1. Download the public key from this secure link: public.asc
  2. Run the following to import the certificate to gpg and rpm. The command assumes you are in the directory the file was dropped
    sudo rpm --import public.asc
    sudo gpg --import public.asc
    
  3. Run the rpm install command
    rpm -i --force cb-linux-sensor-installer-<version>.noarch.rpm
    1. Finalize the install by with an update
      /usr/share/cb/cbcheck sensor-builds --update

      Additional Notes

      • This will be included in a the Yum repository in a future release
      • The error message is seen due to gpgcheck being enabled in the yum repo. This is not enabled by default
      • Note: A restart of the services can ingest the sensor package when the default config value is used per the error message

      Labels (1)
      Was this article helpful? Yes No
      67% helpful (2/3)
      Article Information
      Author:
      Creation Date:
      ‎12-11-2018
      Views:
      2495
      Contributors