I got this error when doing
sudo dnf update today:
$ sudo dnf update -y [...] zoom 3.6 kB/s | 1.8 kB 00:00 GPG key at https://zoom.us/linux/download/pubkey (0x61A7C71D) is already installed The GPG keys listed for the "zoom" repository are already installed but they are not correct for this package. Check that the correct key URLs are configured for this repository.. Failing package is: zoom-188.8.131.52-1.x86_64 GPG Keys are configured as: https://zoom.us/linux/download/pubkey The downloaded packages were saved in cache until the next successful transaction. You can remove cached packages by executing 'dnf clean packages'. Error: GPG check FAILED
(Note: I have a daily script that updates a local yum repo with any new Zoom release. Zoom doesn’t offer a yum repo itself.)
The gpg key at
https://zoom.us/linux/download/pubkey doesn’t match the key that the latest zoom rpm package (v5.12.6) was signed with.
Fingerprint of https://zoom.us/linux/download/pubkey :
$ gpg --show-keys <(curl -s https://zoom.us/linux/download/pubkey) pub rsa2048 2015-06-07 [SC] 396060CADD8A75220BFCB369B903BF1861A7C71D uid Zoom Video Communcations, Inc. Linux Package Signing Key <firstname.lastname@example.org> sub rsa2048 2015-06-07 [E]
Key ID (last 16 hex chars of fingerprint) of the key that was used to sign the zoom package:
$ rpm -qi ./zoom-184.108.40.206-1.rpm | grep -E '^Signature' warning: ./zoom-220.127.116.11-1.rpm: Header V4 RSA/SHA512 Signature, key ID dd79b481: NOKEY Signature : RSA/SHA512, Mon 07 Nov 2022 01:22:58 AM HST, Key ID 7b04a1b8dd79b481
The fingerprints don’t match, hence the error I received.