Environment
- EDR Server: All Versions
- EDR Sensor: All Versions
- Linux: All Supported Versions
- macOS: All Supported Versions
- Microsoft Windows: All Supported Versions
Question
How can the public key be downloaded when receiving an error message like this for rpm packages on the EDR Server?
warning: /tmp/cb-linux-sensor-installer-6.1.9.10139-1.noarch.rpm: Header V4 RSA/SHA1 Signature, key ID 6ac57704: NOKEY
WARNING: SensorInstallerDirLinux config value not found or empty -- using default value (/usr/share/cb/coreservices/installers/linux)
Answer
- Download the public key from this secure link: public.asc
- Run the following to import the certificate to gpg and rpm. The command assumes you are in the directory the file was dropped
sudo rpm --import public.asc
sudo gpg --import public.asc
- Run the rpm install command
rpm -i --force cb-linux-sensor-installer-<version>.noarch.rpm
- Finalize the install by with an update
/usr/share/cb/cbcheck sensor-builds --update
Additional Notes
- This will be included in a the Yum repository in a future release
- The error message is seen due to gpgcheck being enabled in the yum repo. This is not enabled by default
- Note: A restart of the services can ingest the sensor package when the default config value is used per the error message