Hello,
I’m running Rocky Linux 9.2 and trying to install Mellanox OFED packages (specifically mft and kmod-kernel-mft-mlnx) and i’m receiving an error about bad signatures, specifically containing the SHA1 signing algorithm:
# yum -y install mft kmod-kernel-mft-mlnx
Mellanox Technologies rhel9.2-x86_64 mlnx_ofed 5.8-4.1.5.0 GA 293 kB/s | 134 kB 00:00
Dependencies resolved.
================================================================================================================
Package Architecture Version Repository Size
================================================================================================================
Installing:
kmod-kernel-mft-mlnx x86_64 4.22.1-1.rhel9u2 mlnx_ofed_5.8-4.1.5.0_base 31 k
mft x86_64 4.22.1-406 mlnx_ofed_5.8-4.1.5.0_base 71 M
Transaction Summary
================================================================================================================
Install 2 Packages
Total download size: 71 M
Installed size: 172 M
Downloading Packages:
(1/2): kmod-kernel-mft-mlnx-4.22.1-1.rhel9u2.x86_64.rpm 133 kB/s | 31 kB 00:00
(2/2): mft-4.22.1-406.x86_64.rpm 3.6 MB/s | 71 MB 00:19
----------------------------------------------------------------------------------------------------------------
Total 3.6 MB/s | 71 MB 00:19
warning: Signature not supported. Hash algorithm SHA1 not available.
warning: Signature not supported. Hash algorithm SHA1 not available.
Problem opening package mft-4.22.1-406.x86_64.rpm
The downloaded packages were saved in cache until the next successful transaction.
You can remove cached packages by executing 'yum clean packages'.
Error: GPG check FAILED
Looks like Red Hat deprecated SHA1 signatures, any way you can update to something newer? Enhancing RHEL Security: Understanding SHA-1 deprecation on RHEL 9
Thanks,
Nick