Verify Your RPM Signature

To verify the rpm's:

1. Download the 4096 signing key at the Tenable Download Site.

   You will get a file named tenable-4096.gpg.

2. Run the following command to import the file.

   rpm --import tenable-4096.gpg

3. Run the following command to check your downloaded rpm, (for example. nnm-6.1.0-es7.x86_64.rpm).

   rpm -Kv nnm-6.1.0-es7.x86_64.rpm

Tenable Nessus Network Monitor outputs the results of the command. (The 4096 bit key is "V3 RSA/SHA256"):

Header V3 RSA/SHA256 Signature, key ID 2f12969d: OK

Header SHA1 digest: OK (118e3221435977b9ae64b51aab0f2aaef16b0336)

V3 RSA/SHA256 Signature, key ID 2f12969d: OK

MD5 digest: OK (491691a5e08510e83757c93eeeeb15a1)