You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2023-01-04 20:16:02
- apm
- Member
- Registered: 2022-11-20
- Posts: 3
Has archlinux GPG key changed?
Hi all,
I am preparing for a new installation and I found out that the PGP fingerprint for a new installation medium has changed. Previously the PGP was 0x9741E8AC, but in 2023.01.01 it changed to 0x54449A5C.
Since I can't find any information on the planned key rotation I wanted to verify if that is correct. Can anybody confirm that the keys were to be changed this year?
Offline
#2 2023-01-04 22:10:09
- oz
- Member
- Registered: 2004-05-20
- Posts: 102
Re: Has archlinux GPG key changed?
Yes, this was something different. My mistake. 
Last edited by oz (2023-02-24 03:01:29)
Offline
#3 2023-01-04 22:56:52
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 13,717
Re: Has archlinux GPG key changed?
Pierre did switch to a new key. You can see that key on the keys page. https://archlinux.org/master-keys/
What oz is talking about is completely different, nothing to do with the topic of this thread.
Offline
#4 2023-01-05 07:07:59
- apm
- Member
- Registered: 2022-11-20
- Posts: 3
Re: Has archlinux GPG key changed?
Right, this seems correct. Thank you for the information, I guess that the chances that the website was compromised and the iso checksums are wrong are also small?
The reason I am asking is that when I was checking the checksum of the iso (sha256 61dbae312cf677be38a93f424c91abadd8a8ed1f3a602b697aac4c57a7872645) I was 100% certain that this is the same checksum that I saw a few months ago. Now searching brings up the results just for the current iso release, and searching back on https://archlinux.org/releng/releases/ I can't confirm that the checksum was anywhere similar to this.
Offline
Pages: 1