Hello! I am trying to install Veracrypt on Fedora Kinoite 42, and as the devolopers recommend I am trying to verify the GPG signatures on the RPM packages before installing. RPM-Ostree apparently does not offer the possibility to do that, so I used
(as recommended in the link above). However this returns
error: can’t create transaction lock on /usr/share/rpm/.rpm.lock (Read-only file system)
I tried to import the signing key into GPG and successfully managed to verify the signature on the RPM package that way. I still don´t quite understand how to verify the signatures of downloaded RPM packages (and not just the hashes), and how rpm-ostree does not offer the possibility to verify packages. I also believe the error is somehow related to the atomic filesystem, but I do not understand how.
I am not sure I understand what you mean, and do not see how the article you linked to relates to my questions.
If your question was what I plan to use Veracrypt for: I have some old backups encrypted using Veracrypt on my old Mac, which is now broken. I could also decrypt the backups using Veracrypt on a friends computer and reencrypt them using some linux format, but I decided on using Veracrypt back then because it is multi OS compatible.
My question was actually less about Veracrypt though, and more about RPM (-Ostree) and GPG
I understand that your question was about gpg verification and rpm-ostree and you are not looking for a Veracrypt alternative.
But I’d like to point out that there is an alternative, especially since this is about backups, which you may need only infrequently (and hopefully never): You should be able to mount Veracrypt volumes using cryptsetup, see its man page.