[AUR] ERROR: One or more PGP signatures could not be verified

Aron Schüler Published


When building packages from the AUR, an Arch User will encounter the following error: ERROR: One or more PGP signatures could not be verified This error shows that the signature, used to sign the released PKGBUILD, is not known to your system. Let’s fix the PGP signature on AUR packages!

Importing the PGP signature

The solution here is to import the expected PGP signature into your systems public key ring. Arch uses the GnuPG implementation of the OpenPGP standard, as defined by RFC 4880 (also known as PGP).

To find out which key you need to import, you should look for the 'validpgpkeys' array in PKGBUILD: Fixing ERROR: One or more PGP signatures could not be verified by importing given public key

Copy this key and then run the following, where you replace the placeholder with your copied value:

gpg --recv-keys <KEY_FROM_ARRAY>

Now, you should be able to build your package!

If you want to learn more, checkout my other tutorials for Arch Linux.


Related Posts

Find posts on similar topics:


Support me via buymeacoffee

If I helped you solve a problem or you just like my content, consider supporting me by buying me a coffee.

Buy me a coffee

Comments