You are not logged in.

#1 2014-12-01 00:59:36

Registered: 2011-05-04
Posts: 11

[SOLVED] Can't sign key with pacman-key

I've been reading and digging all over the place but I can't seem to find anything on this.

1. I have created my own keys for signing packages that I want to put in a local repo so I don't have to compile the same package over and over on all my machines.
2. I have imported said key using sudo pacman-key --add rdjack21.pgp
3. Used sudo pacman-key --lsign rdjack21 I get this output:

  -> Locally signing key rdjack21...
==> ERROR: rdjack21 could not be locally signed.

4. Ok so lets sudo pacman-key --edit rdjack21  output:
gpg> sign

pub  rsa2048/3D1B5544
     created: 2014-11-30  expires: never       usage: SC 
     trust: ultimate      validity: ultimate
Primary key fingerprint: B0D7 C728 31FA B2B0 6A3C  7086 DC7F DE0C 3D1B 5544

     Richard Jackson <>

Are you sure that you want to sign this key with your
key "Pacman Keyring Master Key <pacman@localhost>" (645ECB0E)

Really sign? (y/N) y
gpg: signing failed: No pinentry
gpg: signing failed: No pinentry


5. To hack this and make pacman work with my local repo signed by the rdjack21 key I had to change the trust to ultimate but I do not like that solution. I would prefer to sign the key and move the trust back down to full which is where it should be.

This is happening on all of my boxes not just one of them. I did find something on the web about "No pinentry" message above and the sugestion was to change the owner of the tty I'm using to be root for the signing to work but that did not work for me (su'ed to root first instead of running everything with sudo).

While changeing the trust works that just feels wrong to me. I really should beable to sign the key.

Last edited by rdjack21 (2014-12-01 01:50:05)


#2 2014-12-01 01:49:10

Registered: 2011-05-04
Posts: 11

Re: [SOLVED] Can't sign key with pacman-key

Taking a clue post gnupg 2.1.0-4 upgrade breaks passphrase via STDIN I was able to solve the problem and I can now sign keys.

The solution is add "pinentry-mode loopback" to /etc/pacman.d/gnupg/gpg.conf
And create the file /etc/pacman.d/gnupg/gpg-agent.conf and put "allow-loopback-pinentry" in the file.

Once that is done everythings works as expected!

Marking this as solved.


Board footer

Powered by FluxBB