On Tue, Dec 20, 2011 at 20:25, Gaetan Bisson <bisson@archlinux.org> wrote:
[2011-12-20 20:19:13 +0530] Keshav P R:
There seems to be many new User IDs and Signatures. Should I do "pacman-key --refresh-keys" periodically?
Actually, `--refresh-keys` will only update signatures; to get the new keys you must either import them from pacman as you install packages signed by previously unseen keys, or use an ugly script like that to get all new keys at once:
curl https://www.archlinux.org/{developers,trustedusers}/ | awk -F\" '(/pgp.mit.edu/) {sub(/.*search=0x/,"");print $1}' | xargs sudo pacman-key --recv-keys
-- Gaetan
Now that I have refreshed the list of keys. How should I import them all? Should I do # pacman-key --updatedb or whenever I install a package which is signed with one of the new keys, will pacman import the key automatically? Sorry I am not used to this package signing of PGP thingy? Anyway thanks for you help (and for the "ugly" script). I have updated rekonq and now downloading Qt 4.8 and all other packages. Regards. Keshav