On 5/6/25 6:17 AM, Markus Schaaf wrote:
Am 04.05.25 um 19:13 schrieb Pocket:
gpg —full-gen-key gpg —export —armor —output public-key.asc pocket gpg —export-secret-keys —armor —output private-key.asc pocket The key id is pocket. For each key/attempt I imported each key into Pacman-key and signed with Pacman-key —lsign pocket Then I tried this. repo-add —sign —key pocket custom.db.tar.xz “file spec”
It failed with the error invalid key/doesn’t know the key.
makepkg and repo-add need the key in the callers keyring. They simply call gpg --detach-sign. Pacman's keyring is only for installing packages.
HTH & BR
I am going to remake my gpg key and start over. I will want to use the keying in signing packages and installation. My current project is to compile all the packages (optimizing them for -mcpu=cortex-a72) for all my systems workstations and servers for the rpi4 and rpi 5 desktop using the PKGBUILD from archlinux, not archlinuxarm as I currently do. I am about 1/3 of the way done. Still working at the package signing....... Thanks -- Hindi madali ang maging ako