From ArchWiki
Jump to: navigation, search

Quick'n'dirty pacman key signing set up guide

At some point, pacman wants to upgrade itself to the newest version. Do that:

pacman -Syu

Initialize keychain

pacman-key --init # maybe run ls -Rlah or updatedb in another terminal to increase entropy

Import the Masterkeys

pacman-key -r 0x6AC6A4C2 0x824B18E8 0x4C7EA887 0xCDFD6BB0 0xFFF979E7

For all the keys, set a trustlevel of 3 and compare the fingerprints. The gpg shell will come up. You will need to lsign, trust and save 5 times in total.

pacman-key --edit-key 0x6AC6A4C2 0x824B18E8 0x4C7EA887 0xCDFD6BB0 0xFFF979E7

Inside gpg, sign the key locally. After typing lsign, check that the fingerprint shown inside gpg matches the one on Masterkeys]

gpg> lsign 

Next, trust the key with a value of 3

gpg> trust

Finally, save the changes

gpg> save

When done with all 5 keys, gpg will exit. When installing packages, pacman will ask to import trusted user keys. If you're certain that the installation will be fine you can help the process along by doing

yes | pacman -Syu