Fixing AlmaLinux GPG Check Failed Issue
If you're trying to install packages on AlmaLinux and see a "GPG check failed" message, it means that the available GPG keys couldn't verify the package's signature. This could be due to a corrupt repository, an outdated or missing GPG key, or network issues.
Sample of GPG check failed message
Importing GPG key 0xC21AD6EA:
Userid : "AlmaLinux <[email protected]>"
Fingerprint: E53C F5EF 91CE B0AD 1812 ECB8 51D6 647E C21A D6EA
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux
Key imported successfully
Import of key(s) didn't help, wrong key(s)?
Reason
The problem occurred because the GPG key for the xfsdump package wasn't installed, causing the GPG check to fail during package installation. This was resolved by importing the necessary key from the AlmaLinux repository.
Solution
To fix this issue, first, clear the cached packages by using "dnf clean packages" command. After that, import the correct GPG key. Here are the things you should do in your Almalinux system to solve the problem.
Step 1: Update the GPG keys we use to check packages. Get the latest GPG keys from the repository by running this command:
# rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux
Step 2: Check the setup files of repositories in "/etc/yum.repos.d/" to make sure they're set up correctly. Ensure that the "gpgcheck" option is turned on and set to 1 for repositories that need verification.
# cd /etc/yum.repos.d/
# vi almalinux.repo
Step 3: If there's an error, you can remove cached packages by running 'dnf clean packages'. But before that, execute these commands:
# rpm --import "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux"
# dnf clean packages
Optionally:
# dnf update lsphp82-mysqlnd && dnf update lsphp82-pdo
# dnf update
Step 4: Don't switch from CentOS 7 to CentOS Stream 8 to AlmaLinux 8. If you're on Stream 8, move up to Alma 9 instead of sideways.
Step 5: Also, remove all old Leapp packages for both CentOS 7 and I686:
# rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux-8
# dnf remove leapp* *.i686
# dnf clean all
If you're installing the 8 to 9 leapp items, try that.
Migration isn't just about repositories. Start by removing all leap packages: dnf remove leapp*, then clean all with dnf clean all, and delete /var/cache/dnf. Finally, update the cache with dnf makecache.
Step 6: Check that the system's time and date are correct. GPG key verification failures might happen due to wrong system time.
# timedatectl
Step 7: Sometimes, refreshing the repository data can fix GPG key problems. To refresh repository metadata, use these commands:
# yum clean all
# yum makecache
Step 8: If the keys are old, upgrade them using this command because they're part of the almalinux-release package. Then, check other packages again.
# dnf upgrade almalinux-release
If this doesn't work, disabling GPG key checking for repositories is a temporary solution, but not recommended.
Conclusion
In conclusion, to fix the AlmaLinux "GPG Check Failed" error, ensure that you update GPG keys from the repository, verify repository setup files, remove cached packages if necessary, avoid unsupported migrations, delete outdated Leapp packages, verify system time, refresh repository data, and upgrade old keys if applicable. Disabling GPG key checking is not recommended as it's only a temporary workaround.
