AWS Security ChangesHomeSearch

AWS sap documentation change

Service: sap · 2025-10-25 · Documentation low

File: sap/latest/sap-hana/aws-backint-agent-signature.md

Summary

Removed redundant example command outputs and duplicate 'Verify the signature' section. Simplified signature verification steps by removing repetitive content.

Security assessment

The changes streamline documentation but do not address a specific security vulnerability. The removed content included warnings about GPG key trust (standard security guidance) but did not indicate a resolved security flaw.

Diff

diff --git a/sap/latest/sap-hana/aws-backint-agent-signature.md b/sap/latest/sap-hana/aws-backint-agent-signature.md
index f5c5395a4..b221fae53 100644
--- a//sap/latest/sap-hana/aws-backint-agent-signature.md
+++ b//sap/latest/sap-hana/aws-backint-agent-signature.md
@@ -5 +5 @@
-Verify the signatureVerify the signature
+Verify the signature
@@ -72,81 +71,0 @@ After you have verified the fingerprint, you can use it to verify the signature
-    gpg: Signature made Fri 08 May 2020 12:24:48 AM UTC using RSA key ID 1E65925B
-    gpg: Good signature from "AWS Backint Agent" [unknown]
-    gpg: WARNING: This key is not certified with a trusted signature!
-    gpg: There is no indication that the signature belongs to the owner.
-    Primary key fingerprint: BD35 7A5F 1AE9 38A0 213A  82A8 80D8 5C5E 1E65 925B
-    
-    shell$ gpg --verify install-aws-backint-agent.sig install-aws-backint-agent
-    gpg: Signature made Fri 08 May 2020 12:15:40 AM UTC using RSA key ID 1E65925B
-     gpg: Good signature from "AWS Backint Agent" [unknown]
-     gpg: WARNING: This key is not certified with a trusted signature!
-     gpg: There is no indication that the signature belongs to the owner.
-     Primary key fingerprint: BD35 7A5F 1AE9 38A0 213A  82A8 80D8 5C5E 1E65 925B
-
-If the output includes the phrase `BAD signature`, check whether you performed the procedure correctly. If you continue to get this response, contact Amazon Web Services and avoid using the downloaded files.
-
-###### Note
-
-A key is trusted only if you or someone you trust has signed it. If you receive a warning about trust, this doesn’t mean that the signature is invalid. Instead, it means that you have not verified the public key.
-
-
-
-
-## Verify the signature
-
-**Automatic signature verification**
-
-To enable automatic signature verification during agent installation, see the parameter descriptions at [Install AWS Backint agent using AWS Backint installer — interactive mode](./aws-backint-agent-s3-installing-configuring.html#aws-backint-agent-installer-interactive) (Step 6k).
-
-**To verify the AWS Backint agent package on a Linux server**
-
-  1. Download the public key.
-
-For the China (Beijing) Region, use the following command.
-    
-        shell$ wget https://awssap-backint-agent-cn-north-1.s3.cn-north-1.amazonaws.com.cn/binary/public-key/aws-backint-agent.gpg
-
-For the China (Ningxia) Region, use the following command.
-    
-        shell$ wget https://awssap-backint-agent-cn-northwest-1.s3.cn-northwest-1.amazonaws.com.cn/binary/public-key/aws-backint-agent.gpg
-
-  2. Import the public key into your keyring.
-    
-        shell$ gpg --import aws-backint-agent.gpg
-    gpg: key 1E65925B: public key "AWS Backint Agent" imported
-    gpg: Total number processed: 1
-    gpg: imported: 1 (RSA: 1)
-
-Make a note of the key value, as you will need it in the next step. In the preceding example, the key value is `1E65925B`.
-
-  3. Verify the fingerprint by running the following command.
-    
-        shell$ gpg --fingerprint 1E65925B
-    pub 2048R/1E65925B 2020-03-18
-    Key fingerprint = BD35 7A5F 1AE9 38A0 213A 82A8 80D8 5C5E 1E65 925B
-    uid [ unknown] AWS Backint Agent
-
-The fingerprint should be equal to the following:
-    
-        BD35 7A5F 1AE9 38A0 213A 82A8 80D8 5C5E 1E65 925B
-
-If the fingerprint string doesn’t match, don’t install the agent. Contact Amazon Web Services.
-
-After you have verified the fingerprint, you can use it to verify the signature of the AWS Backint agent binary.
-
-  4. Download the signature files for the source file and the installer.
-
-For the China (Beijing) Region, use the following command.
-    
-        shell$ wget https://awssap-backint-agent-cn-north-1.s3.cn-north-1.amazonaws.com.cn/binary/latest/aws-backint-agent.sig
-    
-    shell$ wget https://awssap-backint-agent-cn-north-1.s3.cn-north-1.amazonaws.com.cn/binary/latest/install-aws-backint-agent.sig
-
-For the China (Ningxia) Region, use the following command.
-    
-        shell$ wget https://awssap-backint-agent-cn-northwest-1.s3.cn-northwest-1.amazonaws.com.cn/binary/latest/aws-backint-agent.sig
-    
-    shell$ wget https://awssap-backint-agent-cn-northwest-1.s3.cn-northwest-1.amazonaws.com.cn/binary/latest/install-aws-backint-agent.sig
-
-  5. To verify the signature, run `gpg --verify` against the `aws-backint-agent.tar.gz` source file and `install-aws-backint-agent` installer.
-    
-        shell$ gpg --verify aws-backint-agent.sig aws-backint-agent.tar.gz