packer - ERROR: One or more PGP signatures could not be verified!

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
9
down vote

favorite
5












I'm trying to install ncurses5-compat-libs on Arch Linux with packer.



But I get this error:




==> ERROR: One or more PGP signatures could not be verified!




How can I fix it?










share|improve this question

























    up vote
    9
    down vote

    favorite
    5












    I'm trying to install ncurses5-compat-libs on Arch Linux with packer.



    But I get this error:




    ==> ERROR: One or more PGP signatures could not be verified!




    How can I fix it?










    share|improve this question























      up vote
      9
      down vote

      favorite
      5









      up vote
      9
      down vote

      favorite
      5






      5





      I'm trying to install ncurses5-compat-libs on Arch Linux with packer.



      But I get this error:




      ==> ERROR: One or more PGP signatures could not be verified!




      How can I fix it?










      share|improve this question













      I'm trying to install ncurses5-compat-libs on Arch Linux with packer.



      But I get this error:




      ==> ERROR: One or more PGP signatures could not be verified!




      How can I fix it?







      arch-linux software-installation hashsum checksum pgp






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Jun 9 '16 at 20:03









      Arch Linux Tux

      2601313




      2601313




















          3 Answers
          3






          active

          oldest

          votes

















          up vote
          10
          down vote













          You should stick to a manual installation using makepkg and understand how the compilation and installation process from the AUR works before using an AUR helper.



          Anyway, you have to import the PGP signature of the package before you install it. You can install the package without verifying its PGP signature but you shouldn't do it. You can import the PGP signature of ncurses5-compat-libs by using this command:



          gpg --keyserver pgp.mit.edu --recv-keys F7E48EDB


          Read the makepkg man page and this article before installing another package from the AUR.






          share|improve this answer



























            up vote
            1
            down vote













            I would like to extend the answer a bit.



            ==> Verifying source file signatures with gpg...
            datamash-1.1.1.tar.gz ... FAILED (unknown public key 0A11B61D3657B901)
            ==> ERROR: One or more PGP signatures could not be verified!
            ==> ERROR: Makepkg was unable to build datamash.


            Yes you need to add the key.
            That won't work until you have created your own gpg key.

            You only need to generate your own key once.



            gpg --full-gen-key


            Then you can import the key that is holding up the build process.



            gpg --recv-key 0A11B61D3657B901
            gpg --lsign 0A11B61D3657B901


            If you want to understand what is going on here is some reading
            http://allanmcrae.com/2015/01/two-pgp-keyrings-for-package-management-in-arch-linux/



            as well as the arch wiki.
            https://wiki.archlinux.org/index.php/Arch_User_Repository
            https://wiki.archlinux.org/index.php/GnuPG






            share|improve this answer



























              up vote
              0
              down vote














              Option 1 (recommended)



              It is also important to keep the archlinux-keyring-package and the system up-to-date - especially
              the archlinux-keyring-package.



              A not up-to-date archlinux-keyring-package can cause PGP signatures to be missing and thus problems with the PGP signatures.



              --



              Option 2 (not recommended)



              As a quick and dirty fix this was proposed on the archbang forum:




              Warning: Following these instructions chould damage yours and others system with dangerous malware!


              Installation without (!) integrity check: packer -S --skipinteg <package>







              share|improve this answer






















                Your Answer







                StackExchange.ready(function()
                var channelOptions =
                tags: "".split(" "),
                id: "106"
                ;
                initTagRenderer("".split(" "), "".split(" "), channelOptions);

                StackExchange.using("externalEditor", function()
                // Have to fire editor after snippets, if snippets enabled
                if (StackExchange.settings.snippets.snippetsEnabled)
                StackExchange.using("snippets", function()
                createEditor();
                );

                else
                createEditor();

                );

                function createEditor()
                StackExchange.prepareEditor(
                heartbeatType: 'answer',
                convertImagesToLinks: false,
                noModals: false,
                showLowRepImageUploadWarning: true,
                reputationToPostImages: null,
                bindNavPrevention: true,
                postfix: "",
                onDemand: true,
                discardSelector: ".discard-answer"
                ,immediatelyShowMarkdownHelp:true
                );



                );













                 

                draft saved


                draft discarded


















                StackExchange.ready(
                function ()
                StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f288794%2fpacker-error-one-or-more-pgp-signatures-could-not-be-verified%23new-answer', 'question_page');

                );

                Post as a guest






























                3 Answers
                3






                active

                oldest

                votes








                3 Answers
                3






                active

                oldest

                votes









                active

                oldest

                votes






                active

                oldest

                votes








                up vote
                10
                down vote













                You should stick to a manual installation using makepkg and understand how the compilation and installation process from the AUR works before using an AUR helper.



                Anyway, you have to import the PGP signature of the package before you install it. You can install the package without verifying its PGP signature but you shouldn't do it. You can import the PGP signature of ncurses5-compat-libs by using this command:



                gpg --keyserver pgp.mit.edu --recv-keys F7E48EDB


                Read the makepkg man page and this article before installing another package from the AUR.






                share|improve this answer
























                  up vote
                  10
                  down vote













                  You should stick to a manual installation using makepkg and understand how the compilation and installation process from the AUR works before using an AUR helper.



                  Anyway, you have to import the PGP signature of the package before you install it. You can install the package without verifying its PGP signature but you shouldn't do it. You can import the PGP signature of ncurses5-compat-libs by using this command:



                  gpg --keyserver pgp.mit.edu --recv-keys F7E48EDB


                  Read the makepkg man page and this article before installing another package from the AUR.






                  share|improve this answer






















                    up vote
                    10
                    down vote










                    up vote
                    10
                    down vote









                    You should stick to a manual installation using makepkg and understand how the compilation and installation process from the AUR works before using an AUR helper.



                    Anyway, you have to import the PGP signature of the package before you install it. You can install the package without verifying its PGP signature but you shouldn't do it. You can import the PGP signature of ncurses5-compat-libs by using this command:



                    gpg --keyserver pgp.mit.edu --recv-keys F7E48EDB


                    Read the makepkg man page and this article before installing another package from the AUR.






                    share|improve this answer












                    You should stick to a manual installation using makepkg and understand how the compilation and installation process from the AUR works before using an AUR helper.



                    Anyway, you have to import the PGP signature of the package before you install it. You can install the package without verifying its PGP signature but you shouldn't do it. You can import the PGP signature of ncurses5-compat-libs by using this command:



                    gpg --keyserver pgp.mit.edu --recv-keys F7E48EDB


                    Read the makepkg man page and this article before installing another package from the AUR.







                    share|improve this answer












                    share|improve this answer



                    share|improve this answer










                    answered Jun 13 '16 at 4:01









                    Libre Arch

                    1587




                    1587






















                        up vote
                        1
                        down vote













                        I would like to extend the answer a bit.



                        ==> Verifying source file signatures with gpg...
                        datamash-1.1.1.tar.gz ... FAILED (unknown public key 0A11B61D3657B901)
                        ==> ERROR: One or more PGP signatures could not be verified!
                        ==> ERROR: Makepkg was unable to build datamash.


                        Yes you need to add the key.
                        That won't work until you have created your own gpg key.

                        You only need to generate your own key once.



                        gpg --full-gen-key


                        Then you can import the key that is holding up the build process.



                        gpg --recv-key 0A11B61D3657B901
                        gpg --lsign 0A11B61D3657B901


                        If you want to understand what is going on here is some reading
                        http://allanmcrae.com/2015/01/two-pgp-keyrings-for-package-management-in-arch-linux/



                        as well as the arch wiki.
                        https://wiki.archlinux.org/index.php/Arch_User_Repository
                        https://wiki.archlinux.org/index.php/GnuPG






                        share|improve this answer
























                          up vote
                          1
                          down vote













                          I would like to extend the answer a bit.



                          ==> Verifying source file signatures with gpg...
                          datamash-1.1.1.tar.gz ... FAILED (unknown public key 0A11B61D3657B901)
                          ==> ERROR: One or more PGP signatures could not be verified!
                          ==> ERROR: Makepkg was unable to build datamash.


                          Yes you need to add the key.
                          That won't work until you have created your own gpg key.

                          You only need to generate your own key once.



                          gpg --full-gen-key


                          Then you can import the key that is holding up the build process.



                          gpg --recv-key 0A11B61D3657B901
                          gpg --lsign 0A11B61D3657B901


                          If you want to understand what is going on here is some reading
                          http://allanmcrae.com/2015/01/two-pgp-keyrings-for-package-management-in-arch-linux/



                          as well as the arch wiki.
                          https://wiki.archlinux.org/index.php/Arch_User_Repository
                          https://wiki.archlinux.org/index.php/GnuPG






                          share|improve this answer






















                            up vote
                            1
                            down vote










                            up vote
                            1
                            down vote









                            I would like to extend the answer a bit.



                            ==> Verifying source file signatures with gpg...
                            datamash-1.1.1.tar.gz ... FAILED (unknown public key 0A11B61D3657B901)
                            ==> ERROR: One or more PGP signatures could not be verified!
                            ==> ERROR: Makepkg was unable to build datamash.


                            Yes you need to add the key.
                            That won't work until you have created your own gpg key.

                            You only need to generate your own key once.



                            gpg --full-gen-key


                            Then you can import the key that is holding up the build process.



                            gpg --recv-key 0A11B61D3657B901
                            gpg --lsign 0A11B61D3657B901


                            If you want to understand what is going on here is some reading
                            http://allanmcrae.com/2015/01/two-pgp-keyrings-for-package-management-in-arch-linux/



                            as well as the arch wiki.
                            https://wiki.archlinux.org/index.php/Arch_User_Repository
                            https://wiki.archlinux.org/index.php/GnuPG






                            share|improve this answer












                            I would like to extend the answer a bit.



                            ==> Verifying source file signatures with gpg...
                            datamash-1.1.1.tar.gz ... FAILED (unknown public key 0A11B61D3657B901)
                            ==> ERROR: One or more PGP signatures could not be verified!
                            ==> ERROR: Makepkg was unable to build datamash.


                            Yes you need to add the key.
                            That won't work until you have created your own gpg key.

                            You only need to generate your own key once.



                            gpg --full-gen-key


                            Then you can import the key that is holding up the build process.



                            gpg --recv-key 0A11B61D3657B901
                            gpg --lsign 0A11B61D3657B901


                            If you want to understand what is going on here is some reading
                            http://allanmcrae.com/2015/01/two-pgp-keyrings-for-package-management-in-arch-linux/



                            as well as the arch wiki.
                            https://wiki.archlinux.org/index.php/Arch_User_Repository
                            https://wiki.archlinux.org/index.php/GnuPG







                            share|improve this answer












                            share|improve this answer



                            share|improve this answer










                            answered Apr 19 '17 at 14:26









                            nelaaro

                            5552614




                            5552614




















                                up vote
                                0
                                down vote














                                Option 1 (recommended)



                                It is also important to keep the archlinux-keyring-package and the system up-to-date - especially
                                the archlinux-keyring-package.



                                A not up-to-date archlinux-keyring-package can cause PGP signatures to be missing and thus problems with the PGP signatures.



                                --



                                Option 2 (not recommended)



                                As a quick and dirty fix this was proposed on the archbang forum:




                                Warning: Following these instructions chould damage yours and others system with dangerous malware!


                                Installation without (!) integrity check: packer -S --skipinteg <package>







                                share|improve this answer


























                                  up vote
                                  0
                                  down vote














                                  Option 1 (recommended)



                                  It is also important to keep the archlinux-keyring-package and the system up-to-date - especially
                                  the archlinux-keyring-package.



                                  A not up-to-date archlinux-keyring-package can cause PGP signatures to be missing and thus problems with the PGP signatures.



                                  --



                                  Option 2 (not recommended)



                                  As a quick and dirty fix this was proposed on the archbang forum:




                                  Warning: Following these instructions chould damage yours and others system with dangerous malware!


                                  Installation without (!) integrity check: packer -S --skipinteg <package>







                                  share|improve this answer
























                                    up vote
                                    0
                                    down vote










                                    up vote
                                    0
                                    down vote










                                    Option 1 (recommended)



                                    It is also important to keep the archlinux-keyring-package and the system up-to-date - especially
                                    the archlinux-keyring-package.



                                    A not up-to-date archlinux-keyring-package can cause PGP signatures to be missing and thus problems with the PGP signatures.



                                    --



                                    Option 2 (not recommended)



                                    As a quick and dirty fix this was proposed on the archbang forum:




                                    Warning: Following these instructions chould damage yours and others system with dangerous malware!


                                    Installation without (!) integrity check: packer -S --skipinteg <package>







                                    share|improve this answer















                                    Option 1 (recommended)



                                    It is also important to keep the archlinux-keyring-package and the system up-to-date - especially
                                    the archlinux-keyring-package.



                                    A not up-to-date archlinux-keyring-package can cause PGP signatures to be missing and thus problems with the PGP signatures.



                                    --



                                    Option 2 (not recommended)



                                    As a quick and dirty fix this was proposed on the archbang forum:




                                    Warning: Following these instructions chould damage yours and others system with dangerous malware!


                                    Installation without (!) integrity check: packer -S --skipinteg <package>








                                    share|improve this answer














                                    share|improve this answer



                                    share|improve this answer








                                    edited Aug 28 at 0:14

























                                    answered Aug 28 at 0:09









                                    Arch Linux Tux

                                    2601313




                                    2601313



























                                         

                                        draft saved


                                        draft discarded















































                                         


                                        draft saved


                                        draft discarded














                                        StackExchange.ready(
                                        function ()
                                        StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f288794%2fpacker-error-one-or-more-pgp-signatures-could-not-be-verified%23new-answer', 'question_page');

                                        );

                                        Post as a guest













































































                                        Popular posts from this blog

                                        How to check contact read email or not when send email to Individual?

                                        Displaying single band from multi-band raster using QGIS

                                        How many registers does an x86_64 CPU actually have?