SHA1 GPG Key Depreciated on RHEL 9 Derivatives

Plazey · 2022-11-02T20:37:28+00:00

There was an error rendering this rich post.

I am on Rocky Linux 9, a RHEL 9 derivative.

SHA1 has been depreciated on all RHEL 9 derivatives, which is what the GPG key is signed with. So teamviewer cannot be updated using the key without workarounds.

Teamviewer, please update to a more advanced hashing algorithm.

Workaround:

Following these steps will temporarily enable the unsecure SHA1 GPG key checks, then update, then disable again.

sudo update-crypto-policies --set DEFAULT:SHA1

sudo dnf update

update-crypto-policies --set DEFAULT

Websites with supporting data:

https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9

https://dl.teamviewer.com/download/linux/signature/TeamViewer2017.asc

[Removed as per Community Guidelines]

Find more posts tagged with

Security

Linux

update

RHEL

Accepted answers

All comments

pjwelsh

Created a support ticket. Hope it moves this issue along:

[Removed as per Community Guidelines]

GhostRider2110

As of 07/15/23 this is still an issue.

bmdennis

Still an issue as of 2023-09-26. Getting really tired of having to either resign new TeamViewer packages as they come out with my own key, or disabling GPG checks in the repo file.

Seriously, TeamViewer, can you please just update your signing key to not be SHA1? Please? It's been a freaking year and a half since RHEL9 came out.

bmdennis

Another year and this still hasn't been fixed. At least it's been helping motivate us to completely move away from TeamViewer and drop our subscription.