archlinux

Archlinux AUR makepkg unknown PGP public key

Trust all the keys !

Maxence Sartiaux

1 min read
Archlinux AUR makepkg unknown PGP public key

Sometimes when you build a package from the AUR, some public GPG keys are not trusted and makepkg refuse to build package from this source.

==> Verifying source file signatures with gpg...
    llvm-4.0.0.src.tar.xz ... FAILED (unknown public key 0FC3042E345AD05D)
    libcxx-4.0.0.src.tar.xz ... FAILED (unknown public key 0FC3042E345AD05D)
    libcxxabi-4.0.0.src.tar.xz ... FAILED (unknown public key 0FC3042E345AD05D)
==> ERROR: One or more PGP signatures could not be verified!
==> ERROR: Makepkg was unable to build libc++.

First of all, you'll have to update the archlinux-keyring package, most of the time, this package is obselete (a long time without updates) and new keys are not known

pacman -Sy archlinux-keyring

If you still have the error, you have to trusts thoses keys (Do it only if you know the source of the package !!!).

As your current user (the one who gonna build the package)

# Download the key.
gpg --recv-keys 0FC3042E345AD05D
# Now we edit the key and trust it.
gpg --edit-key 0FC3042E345AD05D

gpg> trust
# select "full" or "ultimate"

Re-run the build procedure and we're done.