You are not logged in.
- Topics: Active | Unanswered
#1 Today 04:13:45
- vulpes_12
- Member
- Registered: Today
- Posts: 3
Invalid PGP Signatures When Updating Packages
Whenever I attempt to update my system using sudo pacman -Syu, I receive errors indicating that several packages have invalid or corrupted PGP signatures. Here are some examples of the errors I encounter:
error: systemd: signature from "Christian Hesse <eworm@archlinux.org>" is invalid
:: File /var/cache/pacman/pkg/systemd-257.7-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] Y
This issue occurs for multiple packages, including: systemd, breeze, firefox, kscreen, linux-firmware-broadcom, linux-firmware-mediatek.
I tried using # pacman-key --init && pacman-key --populate archlinux and refreshing keys but problem persists every time i upgrade.
Last edited by vulpes_12 (Today 04:14:05)
Offline
#2 Today 05:20:59
- gromit
- Package Maintainer (PM)
- From: Germany
- Registered: 2024-02-10
- Posts: 1,153
- Website
Re: Invalid PGP Signatures When Updating Packages
Did you already try "pacman -Sy archlinux-keyring && pacman -Su"?
Offline
#3 Today 17:46:11
- vulpes_12
- Member
- Registered: Today
- Posts: 3
Re: Invalid PGP Signatures When Updating Packages
I tried running the commands:
$ sudo -Sy archlinux-keyring
$ sudo pacman -Su
However, i am still encountering the same issue of invalid PGP signature:
error: breeze: signature from "Tomaz Canabrava <tcanabrava@archlinux.org>" is invalid
:: File /var/cache/pacman/pkg/breeze-6.4.1-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] Y
error: linux-firmware-broadcom: signature from "Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>" is invalid
:: File /var/cache/pacman/pkg/linux-firmware-broadcom-20250613.12fe085f-9-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] Y
error: linux-firmware-mediatek: signature from "Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>" is invalid
:: File /var/cache/pacman/pkg/linux-firmware-mediatek-20250613.12fe085f-9-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
last time when this problem occur i manually removed corrupted packages from respective directories. its only happened with three firmware packages but this time its happening with more packages
Offline
#4 Today 17:47:29
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 12,820
Re: Invalid PGP Signatures When Updating Packages
And does deleting them and redownloading them not work here? If not, how about using a different mirror?
Online
#5 Today 17:58:30
- vulpes_12
- Member
- Registered: Today
- Posts: 3
Re: Invalid PGP Signatures When Updating Packages
deleting them and re-downloading them works but when i again go for upgrade the system every time its "(invalid or corrupted package (PGP signature))" with some packages
Offline
#6 Today 18:00:25
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 12,820
Re: Invalid PGP Signatures When Updating Packages
Then the packages are *actually* corrupt, and messing with the keyring won't change that. You have a stability problem somewhere, your connection, RAM, disk, etc.
Online