PGP Signature Error

Austin Haedicke bio photo By Austin Haedicke Comment

I’ve run into this problem after system restorations in the past and always have to do some Googling to get to the bottom of it.  Thus, I wanted to document the process here so that I have a record of it. The error in question results from running makepkg and receiving the following output:

==> ERROR:  One or more PGP signatures could not be verified!

For some clarification on the distinction between how pacman and makepkg use PGP keyrings, read this post by Allan McRae.

Per the relevant Arch Wiki section, if you absolutely trust the package source you can take the lazy way out and instruct makepkg to skip signature checking via the --skippgpcheck flag.

Alternatively, have have a look at the package’s PKGBUILD.  There should be an array of validpgpkeys.  What you will want to do is copy the given Key IDs into the following command (1):

$ gpg --recv-keys <key_id>

comments powered by Disqus