You are not logged in.
- Topics: Active | Unanswered
#1 2017-11-05 10:21:42
- kabads
- Member
- Registered: 2012-09-22
- Posts: 271
- Website
[Solved] Error with GPG keys during pacman -Syu
I'm trying
$ sudo pacman -Syuand getting lots of these errors:
> error: celt: signature from "Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>" is unknown trust
> :: File /var/cache/pacman/pkg/celt-0.11.3-3-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
> Do you want to delete it? [Y/n] Even if I delete them, I get this:
error: failed to commit transaction (invalid or corrupted package (PGP signature))I've also looked at this post [0] but I'm not sure if this applies to this particular problem.
Any advice gratefully received.
Adam
[0] https://bbs.archlinux.org/viewtopic.php?id=142798
Last edited by kabads (2017-11-05 21:58:37)
Offline
#2 2017-11-05 10:48:28
- WorMzy
- Administrator
- From: Scotland
- Registered: 2010-06-16
- Posts: 12,693
- Website
Re: [Solved] Error with GPG keys during pacman -Syu
Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD
Making lemonade from lemons since 2015.
Online
#3 2017-11-05 11:34:53
- kabads
- Member
- Registered: 2012-09-22
- Posts: 271
- Website
Re: [Solved] Error with GPG keys during pacman -Syu
Thanks - I tried both methods there and it still hasn't solved the problem:
$ sudo pacman --refresh-keys
...
25 signatures not checked due to missing keys
gpg: key 51E8B148A9999C34: "Evangelos Foutras <evangelos@foutrelis.com>" not changed
uid Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
sig! 7F2D434B9741E8AC 2012-02-05 Pierre Schmitz <pierre@archlinux.de>
sig!3 A5E9288C4FA415FA 2011-08-25 [self-signature]
sig!3 A5E9288C4FA415FA 2011-11-16 [self-signature]
uid Jan Alexander Steffens (heftig) <jan-alexander.steffens@smail.inf.h-brs.de>
sig! 7F2D434B9741E8AC 2012-02-05 Pierre Schmitz <pierre@archlinux.de>
sig!3 A5E9288C4FA415FA 2011-11-03 [self-signature]
uid [jpeg image of size 3837]
sig!3 A5E9288C4FA415FA 2017-01-09 [self-signature]
uid [jpeg image of size 3865]
sig! 7F2D434B9741E8AC 2012-02-05 Pierre Schmitz <pierre@archlinux.de>
sig!3 A5E9288C4FA415FA 2011-08-25 [self-signature]
sub B8520A561151A394
sig! A5E9288C4FA415FA 2011-08-25 [self-signature]
key A5E9288C4FA415FA:
10 duplicate signatures removed
222 signatures not checked due to missing keys
gpg: key A5E9288C4FA415FA: "Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>" not changed
gpg: Total number processed: 20
gpg: unchanged: 20
$ sudo pacman -Sy archlinux-keyring && pacman -Su
...
Errors occurred, no packages were upgraded.
[adam@spark ~]$ sudo pacman -Sy archlinux-keyring && pacman -Su
:: Synchronising package databases...
testing is up to date
core is up to date
extra is up to date
community is up to date
multilib-testing is up to date
multilib is up to date
warning: archlinux-keyring-20171020-1 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...
Packages (1) archlinux-keyring-20171020-1
Total Installed Size: 0.84 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n]
(1/1) checking keys in keyring [####################################################] 100%
(1/1) checking package integrity [####################################################] 100%
error: archlinux-keyring: signature from "Christian Hesse (Arch Linux Package Signing) <arch@eworm.de>" is unknown trust
:: File /var/cache/pacman/pkg/archlinux-keyring-20171020-1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.
[adam@spark ~]Offline
#4 2017-11-05 11:54:35
- seth
- Member
- Registered: 2012-09-03
- Posts: 62,357
Re: [Solved] Error with GPG keys during pacman -Syu
sudo pacman --refresh-keysFtr, it's "pacman-key"
Also notice that t he troubling signature changed.
pacman-key --list-keys | grep -EC3 '(eworm|heftig)'
cat /etc/pacman.d/gnupg/gpg.conf
# and a *complete* output of
pacman-key --refresh-keysOffline
#5 2017-11-05 13:13:22
- kabads
- Member
- Registered: 2012-09-22
- Posts: 271
- Website
Re: [Solved] Error with GPG keys during pacman -Syu
Hmm, a full output of that command is proving tricky for me, as I'm only running xterm and pressing PGUP doesn't take me further up the console (no scrollbar). I can't install a new terminal as pacman isn't working. I've tried piping with:
$ sudo pacman-key --refresh-keys > /tmp/key-logbut that file is empty after all the input is piped to xterm display.
Offline
#6 2017-11-05 13:18:46
- kabads
- Member
- Registered: 2012-09-22
- Posts: 271
- Website
Re: [Solved] Error with GPG keys during pacman -Syu
OK - I fixed it by logging using the xterm command. Here is the whole output of
$ sudo pacman-key --refresh-keys
[sudo] password for adam:
gpg: refreshing 21 keys from hkp://pool.sks-keyservers.net
uid Gaetan Bisson <bisson@gaati.org>
sig! 06096A6AD1CEDDAC 2017-09-18 Laurent Carlier <lordheavym@gmail.com>
sig! AFF5D95098BC6FF5 2017-09-24 Maxime Gauduin <alucryd@alucryd.xyz>
uid Gaetan Bisson <gaetan@fenua.org>
sig! 06096A6AD1CEDDAC 2017-09-18 Laurent Carlier <lordheavym@gmail.com>
sig! AFF5D95098BC6FF5 2017-09-24 Maxime Gauduin <alucryd@alucryd.xyz>
uid Gaetan Bisson <bisson@archlinux.org>
sig! 06096A6AD1CEDDAC 2017-09-18 Laurent Carlier <lordheavym@gmail.com>
sig! AFF5D95098BC6FF5 2017-09-24 Maxime Gauduin <alucryd@alucryd.xyz>
sub F4781C02544A42A1
sig! EEEEE2EEEE2EEEEE 2017-08-27 [self-signature]
uid Gaetan Bisson <bisson@gaati.org> (reordered signatures follow)
sig!3 EEEEE2EEEE2EEEEE 2017-08-27 [self-signature]
uid Gaetan Bisson <bisson@archlinux.org> (reordered signatures follow)
sig!3 EEEEE2EEEE2EEEEE 2017-08-27 [self-signature]
uid Gaetan Bisson <gaetan@fenua.org> (reordered signatures follow)
sig!3 EEEEE2EEEE2EEEEE 2017-08-27 [self-signature]
key EEEEE2EEEE2EEEEE:
10 duplicate signatures removed
31 signatures not checked due to missing keys
3 signatures reordered
gpg: key EEEEE2EEEE2EEEEE: "Gaetan Bisson <gaetan@fenua.org>" not changed
key C06086337C50773E:
11 signatures not checked due to missing keys
gpg: key C06086337C50773E: "Jelle van der Waa <jelle@vdwaa.nl>" not changed
key FCF3C8CB5CF9C8D4:
6 signatures not checked due to missing keys
gpg: key FCF3C8CB5CF9C8D4: "Alexander Rødseth <rodseth@gmail.com>" not changed
uid Florian Pritz <f-p@gmx.at>
rev! 6D1655C14CE1C13E 2011-06-26 [revocation]
sig!3 6D1655C14CE1C13E 2008-08-01 [self-signature]
sig!3 6D1655C14CE1C13E 2011-04-28 [self-signature]
uid Florian Pritz <flo@xinu.at>
sig!3 6D1655C14CE1C13E 2011-03-20 [self-signature]
sig!3 6D1655C14CE1C13E 2011-04-28 [self-signature]
sig!3 6D1655C14CE1C13E 2011-06-04 [self-signature]
uid Florian Pritz <flo@xssn.at>
rev! 6D1655C14CE1C13E 2011-06-26 [revocation]
sig!3 6D1655C14CE1C13E 2009-03-31 [self-signature]
uid Florian Pritz <admin@xssn.at>
rev! 6D1655C14CE1C13E 2011-06-26 [revocation]
sig!3 6D1655C14CE1C13E 2009-03-31 [self-signature]
uid Florian Pritz <bluewind@xinu.at>
sig!3 6D1655C14CE1C13E 2010-08-29 [self-signature]
sig!3 6D1655C14CE1C13E 2011-06-04 [self-signature]
sig!3 6D1655C14CE1C13E 2011-06-04 [self-signature]
uid Florian Pritz <bluewind@xssn.at>
rev! 6D1655C14CE1C13E 2011-06-26 [revocation]
sig!3 6D1655C14CE1C13E 2009-03-31 [self-signature]
uid Florian Pritz <flo@server-speed.net>
rev! 6D1655C14CE1C13E 2011-06-26 [revocation]
sig!3 6D1655C14CE1C13E 2009-03-31 [self-signature]
uid Florian Pritz <admin@server-speed.net>
rev! 6D1655C14CE1C13E 2011-06-26 [revocation]
sig!3 6D1655C14CE1C13E 2008-08-01 [self-signature]
uid Florian Pritz <bluewind@jabber.ccc.de>
sig!3 6D1655C14CE1C13E 2009-04-07 [self-signature]
sig!3 6D1655C14CE1C13E 2011-06-04 [self-signature]
uid Florian Pritz <bluewind@server-speed.net>
rev! 6D1655C14CE1C13E 2011-06-26 [revocation]
sig!3 6D1655C14CE1C13E 2008-12-02 [self-signature]
sig!3 6D1655C14CE1C13E 2009-04-07 [self-signature]
sig-3 6D1655C14CE1C13E 2009-04-07 Florian Pritz <bluewind@xinu.at>
sub 89B75E070965A73B
sig! 6D1655C14CE1C13E 2008-08-01 [self-signature]
uid Florian Pritz <bluewind@archlinux.org> (reordered signatures follow)
sig!3 6D1655C14CE1C13E 2016-07-25 [self-signature]
key 6D1655C14CE1C13E:
1 duplicate signature removed
92 signatures not checked due to missing keys
1 bad signature
1 signature reordered
gpg: key 6D1655C14CE1C13E: "Florian Pritz <bluewind@xinu.at>" not changed
key 332C9C40F40D2072:
14 signatures not checked due to missing keys
gpg: key 332C9C40F40D2072: "Jonathan Steel <mail@jsteel.org>" not changed
key 771DF6627EDF681F:
21 signatures not checked due to missing keys
gpg: key 771DF6627EDF681F: "Tobias Powalowski <tobias.powalowski@googlemail.com>" not changed
key 7F2D434B9741E8AC:
27 signatures not checked due to missing keys
gpg: key 7F2D434B9741E8AC: "Pierre Schmitz <pierre@archlinux.de>" not changed
key 06096A6AD1CEDDAC:
12 signatures not checked due to missing keys
gpg: key 06096A6AD1CEDDAC: "Laurent Carlier <lordheavym@gmail.com>" not changed
key FC1B547C8D8172C8:
102 signatures not checked due to missing keys
gpg: key FC1B547C8D8172C8: "Levente Polyak (anthraxx) <levente@leventepolyak.net>" not changed
key BBE43771487328A9:
31 signatures not checked due to missing keys
gpg: key BBE43771487328A9: "Bartlomiej Piotrowski <b@bpiotrowski.pl>" not changed
key A6234074498E9CEE:
71 signatures not checked due to missing keys
gpg: key A6234074498E9CEE: "Christian Hesse (Arch Linux Package Signing) <arch@eworm.de>" not changed
key AFF5D95098BC6FF5:
14 signatures not checked due to missing keys
gpg: key AFF5D95098BC6FF5: "Maxime Gauduin <alucryd@alucryd.xyz>" not changed
key 39E4B877E62EB915:
9 signatures not checked due to missing keys
gpg: key 39E4B877E62EB915: "Sven-Hendrik Haase <svenstaro@gmail.com>" not changed
key 4AC5588F941C2A25:
18 signatures not checked due to missing keys
gpg: key 4AC5588F941C2A25: "Antonio Rojas <arojas@archlinux.org>" not changed
key A91764759326B440:
34 signatures not checked due to missing keys
gpg: key A91764759326B440: "Lukas Fleischer <lfleischer@lfos.de>" not changed
key 50FB9B273A9D0BB5:
11 signatures not checked due to missing keys
gpg: key 50FB9B273A9D0BB5: "Johannes Löthberg <johannes@kyriasis.com>" not changed
key 786C63F330D7CB92:
380 signatures not checked due to missing keys
gpg: key 786C63F330D7CB92: "Felix Yan <felixonmars@archlinux.org>" not changed
key 1EB2638FF56C0C53:
26 signatures not checked due to missing keys
gpg: key 1EB2638FF56C0C53: "Dave Reisner <d@falconindy.com>" not changed
key 51E8B148A9999C34:
25 signatures not checked due to missing keys
gpg: key 51E8B148A9999C34: "Evangelos Foutras <evangelos@foutrelis.com>" not changed
uid Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
sig! 7F2D434B9741E8AC 2012-02-05 Pierre Schmitz <pierre@archlinux.de>
sig!3 A5E9288C4FA415FA 2011-08-25 [self-signature]
sig!3 A5E9288C4FA415FA 2011-11-16 [self-signature]
uid Jan Alexander Steffens (heftig) <jan-alexander.steffens@smail.inf.h-brs.de>
sig! 7F2D434B9741E8AC 2012-02-05 Pierre Schmitz <pierre@archlinux.de>
sig!3 A5E9288C4FA415FA 2011-11-03 [self-signature]
uid [jpeg image of size 3837]
sig!3 A5E9288C4FA415FA 2017-01-09 [self-signature]
uid [jpeg image of size 3865]
sig! 7F2D434B9741E8AC 2012-02-05 Pierre Schmitz <pierre@archlinux.de>
sig!3 A5E9288C4FA415FA 2011-08-25 [self-signature]
sub B8520A561151A394
sig! A5E9288C4FA415FA 2011-08-25 [self-signature]
key A5E9288C4FA415FA:
10 duplicate signatures removed
222 signatures not checked due to missing keys
gpg: key A5E9288C4FA415FA: "Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>" not changed
gpg: Total number processed: 20
gpg: unchanged: 20Offline
#7 2017-11-05 13:20:20
- seth
- Member
- Registered: 2012-09-03
- Posts: 62,357
Re: [Solved] Error with GPG keys during pacman -Syu
sudo pacman-key --refresh-keys > /tmp/key-log 2>&1Offline
#8 2017-11-05 13:21:56
- kabads
- Member
- Registered: 2012-09-22
- Posts: 271
- Website
Re: [Solved] Error with GPG keys during pacman -Syu
... and gpg.conf
# Options for GnuPG
# Copyright 1998-2003, 2010 Free Software Foundation, Inc.
# Copyright 1998-2003, 2010 Werner Koch
#
# This file is free software; as a special exception the author gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved.
#
# This file is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# Unless you specify which option file to use (with the command line
# option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf
# by default.
#
# An options file can contain any long options which are available in
# GnuPG. If the first non white space character of a line is a '#',
# this line is ignored. Empty lines are also ignored.
#
# See the gpg man page for a list of options.
# If you have more than 1 secret key in your keyring, you may want to
# uncomment the following option and set your preferred keyid.
#default-key 621CC013
# If you do not pass a recipient to gpg, it will ask for one. Using
# this option you can encrypt to a default key. Key validation will
# not be done in this case. The second form uses the default key as
# default recipient.
#default-recipient some-user-id
#default-recipient-self
# Group names may be defined like this:
# group mynames = paige 0x12345678 joe patti
#
# Any time "mynames" is a recipient (-r or --recipient), it will be
# expanded to the names "paige", "joe", and "patti", and the key ID
# "0x12345678". Note there is only one level of expansion - you
# cannot make an group that points to another group. Note also that
# if there are spaces in the recipient name, this will appear as two
# recipients. In these cases it is better to use the key ID.
#group mynames = paige 0x12345678 joe patti
# GnuPG can automatically locate and retrieve keys as needed using
# this option. This happens when encrypting to an email address (in
# the "user@@example.com" form) and there are no keys matching
# "user@example.com" in the local keyring. This option takes any
# number mechanisms which are tried in the given order. The default
# is "--auto-key-locate local" to search for keys only in the local
# key database. Uncomment the next line to locate a missing key using
# two DNS based mechanisms.
#auto-key-locate local,pka,dane
# Common options for keyserver functions:
# (Note that the --keyserver option has been moved to dirmngr.conf)
#
# include-disabled = when searching, include keys marked as "disabled"
# on the keyserver (not all keyservers support this).
#
# no-include-revoked = when searching, do not include keys marked as
# "revoked" on the keyserver.
#
# verbose = show more information as the keys are fetched.
# Can be used more than once to increase the amount
# of information shown.
#
# auto-key-retrieve = automatically fetch keys as needed from the keyserver
# when verifying signatures or when importing keys that
# have been revoked by a revocation key that is not
# present on the keyring.
#
# no-include-attributes = do not include attribute IDs (aka "photo IDs")
# when sending keys to the keyserver.
#keyserver-options auto-key-retrieve
# Uncomment this line to display photo user IDs in key listings and
# when a signature from a key with a photo is verified.
#show-photos
# Use this program to display photo user IDs
#
# %i is expanded to a temporary file that contains the photo.
# %I is the same as %i, but the file isn't deleted afterwards by GnuPG.
# %k is expanded to the key ID of the key.
# %K is expanded to the long OpenPGP key ID of the key.
# %t is expanded to the extension of the image (e.g. "jpg").
# %T is expanded to the MIME type of the image (e.g. "image/jpeg").
# %f is expanded to the fingerprint of the key.
# %% is %, of course.
#
# If %i or %I are not present, then the photo is supplied to the
# viewer on standard input. If your platform supports it, standard
# input is the best way to do this as it avoids the time and effort in
# generating and then cleaning up a secure temp file.
#
# The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin"
# On Mac OS X and Windows, the default is to use your regular JPEG image
# viewer.
#
# Some other viewers:
# photo-viewer "qiv %i"
# photo-viewer "ee %i"
# photo-viewer "display -title 'KeyID 0x%k'"
#
# This one saves a copy of the photo ID in your home directory:
# photo-viewer "cat > ~/photoid-for-key-%k.%t"
#
# Use your MIME handler to view photos:
# photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG"
# Because some mailers change lines starting with "From " to ">From "
# it is good to handle such lines in a special way when creating
# cleartext signatures; all other PGP versions do it this way too.
# To enable full OpenPGP compliance you may want to use this option.
#no-escape-from-lines
# Uncomment the following option to get rid of the copyright notice
#no-greetingOffline
#9 2017-11-05 13:26:50
- seth
- Member
- Registered: 2012-09-03
- Posts: 62,357
Re: [Solved] Error with GPG keys during pacman -Syu
That's not /etc/pacman.d/gnupg/gpg.conf, is it?
Also missing the keys that are read by --list-keys
Offline
#10 2017-11-05 13:38:53
- kabads
- Member
- Registered: 2012-09-22
- Posts: 271
- Website
Re: [Solved] Error with GPG keys during pacman -Syu
Apologies
gpg.conf
no-greeting
no-permission-warning
lock-never
keyserver hkp://pool.sks-keyservers.net
keyserver-options timeout=10and --list-keys
/etc/pacman.d/gnupg/pubring.kbx
-------------------------------
pub rsa2048 2017-11-03 [SC]
8D378A6F302823F525AC98CF7C52DE2378CD475B
uid [ultimate] Pacman Keyring Master Key <pacman@localhost>
pub rsa2048 2011-08-25 [SC]
8218F88849AAC522E94CF470A5E9288C4FA415FA
uid [ unknown] Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
uid [ unknown] Jan Alexander Steffens (heftig) <jan-alexander.steffens@smail.inf.h-brs.de>
uid [ unknown] [jpeg image of size 3837]
uid [ unknown] [jpeg image of size 3865]
sub rsa2048 2011-08-25 [E]
pub rsa2048 2010-11-12 [SC]
86CFFCA918CF3AF47147588051E8B148A9999C34
uid [ unknown] Evangelos Foutras <evangelos@foutrelis.com>
uid [ unknown] Evangelos Foutras <foutrelis@gmail.com>
uid [ unknown] Evangelos Foutras <foutrelis@archlinux.org>
sub rsa2048 2010-11-12 [E]
pub rsa2048 2011-06-25 [SC]
487EACC08557AD082088DABA1EB2638FF56C0C53
uid [ unknown] Dave Reisner <d@falconindy.com>
uid [ unknown] Dave Reisner <dreisner@archlinux.org>
sub rsa2048 2011-06-25 [E]
pub rsa4096 2012-01-20 [SC]
B5971F2C5C10A9A08C60030F786C63F330D7CB92
uid [ unknown] Felix Yan <felixonmars@archlinux.org>
uid [ unknown] Felix Yan <i@felixc.at>
uid [ unknown] Felix Yan <yanran@deepin.com>
uid [ unknown] Felix Yan <felixonmars@163.com>
uid [ unknown] Felix Yan <felixonmars@nyaa.cat>
uid [ unknown] Felix Yan <felixonmars@gmail.com>
uid [ unknown] Felix Yan <felixonmars@hust.edu.cn>
uid [ unknown] Felix Yan <felixyan@bbtechgroup.com>
uid [ unknown] Felix Yan <felixonmars@archlinuxcn.org>
uid [ unknown] keybase.io/felixonmars <felixonmars@keybase.io>
uid [ unknown] Yan, Ran (Name on Passport) <felixonmars@gmail.com>
sub rsa4096 2012-01-20 [E]
pub rsa8192 2014-01-14 [SC] [expires: 2019-07-10]
5134EF9EAF65F95B6BB1608E50FB9B273A9D0BB5
uid [ unknown] Johannes Löthberg <johannes@kyriasis.com>
sub rsa8192 2014-01-14 [E] [expires: 2019-07-10]
sub rsa8192 2014-09-21 [S] [expires: 2019-07-10]
pub rsa4096 2011-10-12 [SC]
2E36D8620221482FC45CB7F2A91764759326B440
uid [ unknown] Lukas Fleischer <lfleischer@lfos.de>
uid [ unknown] Lukas Fleischer (calcurse) <lfleischer@calcurse.org>
uid [ unknown] Lukas Fleischer (Arch Linux) <lfleischer@archlinux.org>
sub rsa4096 2011-10-12 [E]
pub rsa4096 2014-10-21 [SC]
9D74DF6F91B7BDABD5815CA84AC5588F941C2A25
uid [ unknown] Antonio Rojas <arojas@archlinux.org>
uid [ unknown] Antonio Rojas <arojas@us.es>
uid [ unknown] Antonio Rojas <nqn1976@gmail.com>
uid [ unknown] Antonio Rojas <nqn76sw@gmail.com>
sub rsa2048 2014-11-07 [S]
sub rsa2048 2014-11-07 [E]
pub rsa4096 2011-09-10 [SC]
8FC15A064950A99DD1BD14DD39E4B877E62EB915
uid [ unknown] Sven-Hendrik Haase <svenstaro@gmail.com>
uid [ unknown] Sven-Hendrik Haase <sh@lutzhaase.com>
sub rsa4096 2011-09-10 [E]
pub rsa2048 2013-01-21 [SC]
9437DD3815A7A9169E3D3946AFF5D95098BC6FF5
uid [ unknown] Maxime Gauduin <alucryd@alucryd.xyz>
uid [ unknown] Maxime Gauduin <alucryd@gmail.com>
uid [ unknown] Maxime Gauduin <alucryd@archlinux.org>
sub rsa2048 2013-01-21 [E]
pub rsa2048 2011-08-12 [SC]
02FD1C7A934E614545849F19A6234074498E9CEE
uid [ unknown] Christian Hesse (Arch Linux Package Signing) <arch@eworm.de>
sub rsa2048 2011-08-12 [E]
pub rsa2048 2011-10-10 [SC]
F3691687D867B81B51CE07D9BBE43771487328A9
uid [ unknown] Bartlomiej Piotrowski <b@bpiotrowski.pl>
uid [ unknown] Bartłomiej Piotrowski <b@bpiotrowski.pl>
uid [ unknown] Bartłomiej Piotrowski <bpiotrowski@archlinux.org>
uid [ unknown] Bartlomiej Piotrowski (Barthalion) <barthalion@gmail.com>
uid [ unknown] Bartłomiej Piotrowski (Barthalion) <barthalion@gmail.com>
sub rsa2048 2011-10-10 [E]
pub rsa4096 2011-11-07 [SC] [expires: 2018-12-31]
E240B57E2C4630BA768E2F26FC1B547C8D8172C8
uid [ unknown] Levente Polyak (anthraxx) <levente@leventepolyak.net>
uid [ unknown] Levente Polyak <Z3r0.0x00@gmail.com>
uid [ unknown] Levente Polyak <anthraxx@archlinux.org>
uid [ unknown] Levente Polyak <anthraxx@hamburg.ccc.de>
uid [ unknown] Levente Polyak <levente@leventepolyak.de>
uid [ unknown] Levente Polyak (Jabber/XMPP only) <anthraxx@jabber.ccc.de>
sub rsa4096 2011-11-07 [E] [expires: 2018-12-31]
pub rsa2048 2011-10-30 [SC]
535F8C0339450F054A4D282706096A6AD1CEDDAC
uid [ unknown] Laurent Carlier <lordheavym@gmail.com>
sub rsa2048 2011-10-30 [E]
pub rsa2048 2011-04-10 [SC]
4AA4767BBC9C4B1D18AE28B77F2D434B9741E8AC
uid [ unknown] Pierre Schmitz <pierre@archlinux.de>
sub rsa2048 2011-04-10 [E]
pub rsa2048 2011-07-18 [SC]
5B7E3FB71B7F10329A1C03AB771DF6627EDF681F
uid [ unknown] Tobias Powalowski <tobias.powalowski@googlemail.com>
uid [ unknown] Tobias Powalowski <tpowa@archlinux.org>
sub rsa2048 2011-07-18 [E]
pub rsa2048 2012-08-12 [SC]
8742F7535E7B394A1B048163332C9C40F40D2072
uid [ unknown] Jonathan Steel <mail@jsteel.org>
uid [ unknown] Jonathan Steel <jsteel@archlinux.org>
uid [ unknown] Jonathan Steel <jsteel@aur.archlinux.org>
sub rsa2048 2012-08-12 [E]
pub rsa4096 2008-08-01 [SCA]
CFA6AF15E5C74149FC1D8C086D1655C14CE1C13E
uid [ unknown] Florian Pritz <bluewind@xinu.at>
uid [ unknown] Florian Pritz <flo@xinu.at>
uid [ unknown] Florian Pritz <bluewind@archlinux.org>
uid [ unknown] Florian Pritz <bluewind@jabber.ccc.de>
sub rsa4096 2008-08-01 [E]
pub rsa2048 2011-09-29 [SC]
962855F072C7A01846405864FCF3C8CB5CF9C8D4
uid [ unknown] Alexander Rødseth <rodseth@gmail.com>
sub rsa2048 2011-09-29 [E]
pub rsa2048 2011-10-08 [SC]
E499C79F53C96A54E572FEE1C06086337C50773E
uid [ unknown] Jelle van der Waa <jelle@vdwaa.nl>
uid [ unknown] Jelle van der Waa <jelle@archlinux.org>
sub rsa2048 2011-10-08 [E]
pub ed25519 1998-03-24 [SCA]
1A60DC44245D06FEF90623D6EEEEE2EEEE2EEEEE
uid [ unknown] Gaetan Bisson <gaetan@fenua.org>
uid [ unknown] Gaetan Bisson <bisson@gaati.org>
uid [ unknown] Gaetan Bisson <bisson@archlinux.org>
sub cv25519 2017-08-27 [E]Offline
#11 2017-11-05 14:02:01
- seth
- Member
- Registered: 2012-09-03
- Posts: 62,357
Re: [Solved] Error with GPG keys during pacman -Syu
That's an impressively short keyring and the Pacman master key doesn't match mine.
See https://bbs.archlinux.org/viewtopic.php … 9#p1501589 but if you're not using Arch-archlinux but Manjaro-archlinux or antergos-archlinux or something, *now* is the time to confess before you screw up things.
Offline
#12 2017-11-05 14:39:04
- progandy
- Member
- Registered: 2012-05-17
- Posts: 5,280
Re: [Solved] Error with GPG keys during pacman -Syu
seth wrote:
That's an impressively short keyring and the Pacman master key doesn't match mine.
The Pacman Master Key is the local key created during pacman-key --init, so each installation should have a different one.
Maybe you can try to import the archlinux keyring again:
pacman-key --populate archlinuxLast edited by progandy (2017-11-05 14:44:40)
| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |
Offline
#13 2017-11-05 15:00:41
- seth
- Member
- Registered: 2012-09-03
- Posts: 62,357
Re: [Solved] Error with GPG keys during pacman -Syu
Ok, thanks for the info.
So that's settled, but the suspicious lack of "@master-key.archlinux.org" keys is likely what keeps all others untrusted.
Maybe just forgot population?
Edit: Next time I better post *before* fetching coffee ;-)
Last edited by seth (2017-11-05 15:01:33)
Offline
#14 2017-11-05 18:23:30
- kabads
- Member
- Registered: 2012-09-22
- Posts: 271
- Website
Re: [Solved] Error with GPG keys during pacman -Syu
This is a pure arch Linux install but I'm away from the machine at the moment. I'll try the populate command.
Offline
#15 2017-11-05 21:07:26
- kabads
- Member
- Registered: 2012-09-22
- Posts: 271
- Website
Re: [Solved] Error with GPG keys during pacman -Syu
There's still a problem as I'm now getting this from the --populate
Sorry, try again.
Sorry, try again.
==> Appending keys from archlinux.gpg...
key EEEEE2EEEE2EEEEE:
13 signatures not checked due to missing keys
key 6D1655C14CE1C13E:
1 signature not checked due to a missing key
key 9C02FF419FECBE16:
4 signatures not checked due to missing keys
key A5E9288C4FA415FA:
5 signatures not checked due to missing keys
==> Locally signing trusted keys in keyring...
-> Locally signing key DDB867B92AA789C165EEFA799B729B06A680C281...
-> Locally signing key 684148BB25B49E986A4944C55184252D824B18E8...
-> Locally signing key 91FFE0700E80619CEB73235CA88E23E377514E00...
-> Locally signing key AB19265E5D7D20687D303246BA1DFB64FFF979E7...
-> Locally signing key 0E8B644079F599DFC1DDC3973348882F6AC6A4C2...
-> Locally signing key 44D4A033AC140143927397D47EFD567D4C7EA887...
==> Importing owner trust values...
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
gpg: setting ownertrust to 4
==> Disabling revoked keys in keyring...
-> Disabling key 7FA647CD89891DEDC060287BB9113D1ED21E1A55...
-> Disabling key D4DE5ABDE2A7287644EAC7E36D1A9E70E19DAA50...
-> Disabling key 40440DC037C05620984379A6761FAD69BA06C6A9...
-> Disabling key B1F2C889CB2CCB2ADA36D963097D629E437520BD...
-> Disabling key BC1FBE4D2826A0B51E47ED62E2539214C6C11350...
-> Disabling key 63F395DE2D6398BBE458F281F2DBB4931985A992...
-> Disabling key 8F76BEEA0289F9E1D3E229C05F946DED983D4366...
-> Disabling key 4FCF887689C41B09506BE8D5F3E1D5C5D30DB0AD...
-> Disabling key 81D7F8241DB38BC759C80FCE3A726C6170E80477...
-> Disabling key 5E7585ADFF106BFFBBA319DC654B877A0864983E...
-> Disabling key E7210A59715F6940CF9A4E36A001876699AD6E84...
-> Disabling key F5A361A3A13554B85E57DDDAAF7EF7873CFD4BB6...
-> Disabling key 8CF934E339CAD8ABF342E822E711306E3C4F88BC...
-> Disabling key 5696C003B0854206450C8E5BE613C09CB4440678...
-> Disabling key 9515D8A8EAB88E49BB65EDBCE6B456CAF15447D5...
-> Disabling key 4A8B17E20B88ACA61860009B5CED81B7C2E5C0D2...
-> Disabling key 0B20CA1931F5DA3A70D0F8D2EA6836E1AB441196...
-> Disabling key 34C5D94FE7E7913E86DC427E7FB1A3800C84C0A5...
-> Disabling key 39F880E50E49A4D11341E8F939E4F17F295AFBF4...
-> Disabling key 66BD74A036D522F51DD70A3C7F2A16726521E06D...
-> Disabling key 27FFC4769E19F096D41D9265A04F9397CDFD6BB0...
==> Updating trust database...
gpg: public key of ultimately trusted key 9191359E150E6AA7 not found
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 2 signed: 6 trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: depth: 1 valid: 6 signed: 69 trust: 0-, 0q, 0n, 6m, 0f, 0u
gpg: depth: 2 valid: 69 signed: 9 trust: 69-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2018-06-25
==> ERROR: Trust database could not be updated.Offline
#16 2017-11-05 21:29:55
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 12,550
Re: [Solved] Error with GPG keys during pacman -Syu
Something is seriously wrong with your keyring. How old is this installation and when was it last fully updated?
Offline
#17 2017-11-05 21:38:49
- kabads
- Member
- Registered: 2012-09-22
- Posts: 271
- Website
Re: [Solved] Error with GPG keys during pacman -Syu
Probably about a month ago - the install went fine back then. I probably installed this 4+ years ago (perhaps more). I really don't use this as my regular machine, but a fallback.
Offline
#18 2017-11-05 21:43:19
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 12,550
Re: [Solved] Error with GPG keys during pacman -Syu
hmm, up to date a month ago and you shouldn't be having these problems. Anyway, simplest solution would be to blow away the pacman keyring and redo it. Get rid of /etc/pacman.d/gnupg/, initialize the new keyring with pacman-key --init, then populate it with the archlinux keys again.
Offline
#19 2017-11-05 21:58:11
- kabads
- Member
- Registered: 2012-09-22
- Posts: 271
- Website
Re: [Solved] Error with GPG keys during pacman -Syu
@Scimmia - thanks- that worked. Deleting the whole /etc/pacman.d./gnupg dir and then renewing as per https://bbs.archlinux.org/viewtopic.php … 9#p1501589
Offline