Installing Broadcom LSA under Rocky Linux 9.2

Hi. Has anyone installed and ran Broadcom LSA successfully under Rocky Linux 9.2? I am familiar with the installation steps. I can install and run LSA under Rocky Linux 8.8 and Ubuntu 20.04 LTS.

But it doesn’t work under 9.2. The installation log has this error

error: pubKey.asc: key 1 import failed

Thank you in advance for any help.

1 Like

It appears you’ll need to change your crypto policy to legacy. According to Installing LSA for Rocky Linux 9 | ServeTheHome Forums the key is signed with SHA1.

(update-crypto-policies --set LEGACY)

Edit: that’s unnecessarily broad of a change. As @jlehtone suggested below: update-crypto-policies --set DEFAULT:SHA1. Explicitly edited to ensure anyone stumbling on this post doesn’t follow my bad advice lol.


In principle, for SHA1, one could stay at “default+sha1”:
update-crypto-policies --set DEFAULT:SHA1


It might be possible to define a custom subpolicy that is more limited than the pre-defined SHA1 subpolicy (but still enough for the LSA). That, however, does not follow KISS.

The rhel-system-roles package makes Ansible playbook possible:

- hosts: all
    role: rhel-system-roles.crypto_policies
      crypto_policies_policy: "DEFAULT:SHA1"

Is that “more complicated” than just calling the update-crypto-policies? Yes, a bit, but then one has that detail of config in one additional place (in addition to .bash_history, good notes, and verbal communication from former colleagues).

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.