CentOS is a very solid operating system and, in our opinion, is much better on the security side than Ubuntu, especially when we run a web server.
CentOS has evolved a lot, and the transition from CentOS 6.x to 7.x has brought a lot of changes to the security side.
Many vulnerabilities on old versions of CentOS because of software installations in archives (YUM repositories) less secure. For example, a simple installation of PML (Linux, Nginx, MySQL & PHP) can cause problems in time if these packages have not been installed from safe sources.
With the launch of CentOS 7, limitations have been set for user access to system files and limitations for installing "unsigned"Or without the GPG key. If you have accessed this article, you have most likely encountered the error:
GPG key retrieval failed: [Errno 14] curl#37 - Couldn't open file ... RPM-GPG-KEY
This occurs when we want to install (ym install) or update (yum -y update) to non-content packages GNU Privacy Guard (GPG).
Software developers and developers are instructed that each software included in the installation packages (RPM) be accompanied by a signature. It's a simpler way to provide a guarantee to users that these RPMs are safe. The public key that accompanies installation packages is covered inRed Hat Network Channel Management Guide and must be recorded for each software in the archive.
If you encounter such an error, it is best to look for a public key archive from which to install the desired software. If you still want to continue with the installation, the simplest way is to disable the public key verification in the installation archive.
By default, installation archives and software updates are located in "/etc/yum.repos.d". Edit the ".repo" file with "nano" or "vi" from which the .rpm file is extracted / downloaded without the public key and disable the "gpgcheck". Set the value "0".
name=Extra Packages for Enterprise Linux 7 - $basearch
Savalti modificarile din fisierul .repo editat si rulati din nou update-ul / instalarea. Totul ar trebui sa decurga fara probleme.