On Tue, 17 Jan 2012 23:20:41 +0100 Maciej Mazur <mamciek@gmail.com> wrote:
I have just upgraded to pacman 4, and as instructed I executed "pacman-key --init". It generated new GPG key "Pacman Keychain Master Key <pacman@localhost>" and imported it into pacman keyring.
The question is: should i replace it with my own private GPG key that I use normally? I understand that it should all work well with the generated one, but since I already have GPG key, then wouldn't it make more sense to use it instead of generated one?
If the answer for that question is yes, then is it better to import my GPG key into pacman keyring or instruct pacman to use my regular gnupg keyring at ~/.gnupg ?
Maciej
No. Pacman keyring is for package verification. It is located in GPGDir = /etc/pacman.d/gnupg/ and contains packagers' public keys. Your sec. key is for your user ONLY. If you make your own packages, sign them and want them to be verified, you should import your PUBLIC key via pacman-key. -- Leonid Isaev GnuPG key ID: 164B5A6D Key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D