我最近切换到基于 arch 的发行版调用曼扎罗。
我在安装某些软件包时遇到问题aur arch 存储库
curl-7.54.0.tar.gz ... Passed
curl-7.54.0.tar.gz.asc ... Skipped
==> Verifying source file signatures with gpg...
curl-7.54.0.tar.gz ... FAILED (unknown public key 5CC908FDB71E12C2)
==> ERROR: One or more PGP signatures could not be verified!
我需要做什么来解决这个问题?
答案1
获得本地 gpg 密钥对后,您可以将未知密钥导入到本地用户密钥集中。在我的例子中,5CC908FDB71E12C2需要按如下方式导入密钥。
$ gpg --recv-keys 5CC908FDB71E12C2
gpg: keybox '/home/user/.gnupg/pubring.kbx' created
gpg: key 5CC908FDB71E12C2: 8 signatures not checked due to missing keys
gpg: /home/aaron/.gnupg/trustdb.gpg: trustdb created
gpg: key 5CC908FDB71E12C2: public key "Daniel Stenberg <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
--recv-keys 密钥 ID:从密钥服务器导入具有给定密钥 ID 的密钥。
如果上述操作失败,您可能需要生成本地 gpg 密钥库/数据库。
以下步骤可能不再必要,因为上述步骤现在为您创建了本地密钥数据库。这取决于您的发行版和
gpg版本以及配置。
如果您尚未拥有gpg本地用户的密钥数据库。
gpg --generate-key
或者
gpg --full-gen-key
文档是怎么说的。
--generate-key
--gen-key
Generate a new key pair using the current default parameters. This is the standard command to create a new key. In addition to the key a revocation certificate is created and stored in the
‘openpgp-revocs.d’ directory below the GnuPG home directory.
--full-generate-key
--full-gen-key
Generate a new key pair with dialogs for all options. This is an extended version of --generate-key.
There is also a feature which allows you to create keys in batch mode. See the manual section ``Unattended key generation'' on how to use this.