Does the yum
package manager in CentOS/RHEL-based systems require successful cryptographic authentication and integrity validation for all packages?
I know that software downloaded with apt-get
packages must be cryptographically verified because the repo's manifest files (synced with apt-get update
) are cryptographically signed.
But what about yum
?
Do Operating Systems with yum
require valid signatures from a pinned set of keys on all packages by default?