signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown

Bronze · 2017-09-18 13:57:04

I ran into some installation issue due to the signature of Anatol Pomozov not being trusted:

error: libcap-ng: signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown trust
:: File /var/cache/pacman/pkg/libcap-ng-0.7.8-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: libaio: signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown trust
:: File /var/cache/pacman/pkg/libaio-0.3.110-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y

I fixed that, eventually, with:

# pacman-key --lsign-key 753E0F1F
# pacman-key -r 753E0F1F

Adding keys manually doesn't strike me as the best solution. However, I did manage to finish installation. Should I remove the manually added key?

Running "pacman-key --refresh-keys" after installation:

[..]
gpg: key B02854ED753E0F1F: "Anatol Pomozov <anatol.pomozov@gmail.com>" not changed
[..]

Scimmia · 2017-09-18 14:13:38

That key is signed by 5 Master Keys. It's fully trusted. See what `pacman-key --list-sigs Anatol` tells you.

Edit: Re-read; if this was on the install disk, it sounds like you used an ancient ISO.

Last edited by Scimmia (2017-09-18 14:14:57)

Bronze · 2017-09-18 14:20:36

I used the February 2017 ISO. But I also found Anatol's signature untrusted on the April 2017 ISO. Not sure if February is ancient, but yeah, not the latest

Apart from using a more recent ISO, what should have been my solution to get around the lack of trust? keyring refresh didn't do it.

Last edited by Bronze (2017-09-18 14:20:59)

Scimmia · 2017-09-18 14:22:51

A keyring refresh would have done it. The key on the ISO likely just expired.

mrunion · 2017-09-18 17:11:03

Glad it's solved! And in a rolling release like Arch, February is ancient! 9/1 ISO is out as far as I know....

Last edited by mrunion (2017-09-18 17:11:21)

Bronze · 2017-09-18 20:58:50

The 9/1 ISO gave me various issues when trying to install it on WSL.
See https://bbs.archlinux.org/viewtopic.php … 2#p1736632

the 4/1 ISO may have worked for me, had I known that manually adding Pomozov's key was fine.
I haven't tried an ISO between 4/1 and 9/1.

mrunion · 2017-09-19 12:18:00

That makes sense. But you should also know that Arch is not supported as a WSL. Make sure you mention you are using it as WSL when you ask for help.

anatolik · 2017-09-19 16:19:52

I think the workaround for 4/1 image is to install the latest version of `archlinux-keyring` package first.

But I agree that you should use the latest version of Arch ISO. If there are problems with the latest image then it is better to focus on solving it instead of going to an ancient image.

Arch Linux

#1 2017-09-18 13:57:04

signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown

#2 2017-09-18 14:13:38

Re: signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown

#3 2017-09-18 14:20:36

Re: signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown

#4 2017-09-18 14:22:51

Re: signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown

#5 2017-09-18 17:11:03

Re: signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown

#6 2017-09-18 20:58:50

Re: signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown

#7 2017-09-19 12:18:00

Re: signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown

#8 2017-09-19 16:19:52

Re: signature from "Anatol Pomozov <anatol.pomozov@gmail.com>" is unknown

Board footer