Issue with signatures when installing packages

[anglowanzer]

Hello! It looks like I am having the same issue with trying to install packages and dealing with a bad signature as #4680 , however the solution commented under that issue does not work for me.

Here is the output when I tried to install a few packages:

error: casefile: signature from "Evan Teitelman (BlackArch Developer) [email protected]" is unknown trust
:: File /var/cache/pacman/pkg/casefile-1.0.1-7-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: complemento: signature from "Evan Teitelman (BlackArch Developer) [email protected]" is unknown trust
:: File /var/cache/pacman/pkg/complemento-0.7.6-4-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: ghost-phisher: signature from "Evan Teitelman (BlackArch Developer) [email protected]" is unknown trust
:: File /var/cache/pacman/pkg/ghost-phisher-1.62-5-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: miranda-upnp: signature from "Evan Teitelman (BlackArch Developer) [email protected]" is unknown trust
:: File /var/cache/pacman/pkg/miranda-upnp-1.3-8-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.

[D3vil0p3r]

mkdir lol; cd lol
wget https://blackarch.org/keyring/blackarch-keyring-20251011.tar.gz
tar -zxvf blackarch-keyring-20251011.tar.gz
sudo cp blackarch-keyring-20251011/blackarch* /usr/share/pacman/keyrings/
sudo pacman-key --init
sudo pacman-key --populate
sudo pacman -Scc (press TWO times Y)
sudo pacman -Syy

Let us know if it works.

[anglowanzer]

This still does not fix the issue for me personally. Got the same output.

This looks like the same exact command from before, still getting the same result sadly.

[mmdox6]

It is the same command list, I have the same issue and this also didnt fix it for me :(

[ikstream]

which mirror are you using and have you tried switching to the official blackarch.org mirror for an update?

[davispuh]

I have exactly same issue. This doesn't fix it.

$ pacman -S casefile
resolving dependencies...
looking for conflicting packages...

Packages (1) casefile-1.0.1-7

Total Download Size:   36,01 MiB
Total Installed Size:  63,11 MiB

:: Proceed with installation? [Y/n] y
:: Retrieving packages...
 casefile-1.0.1-7-any                                                                             36,0 MiB  38,0 MiB/s 00:01 [############################################################################] 100%
(1/1) checking keys in keyring                                                                                               [############################################################################] 100%
(1/1) checking package integrity                                                                                             [############################################################################] 100%
error: casefile: signature from "Evan Teitelman (BlackArch Developer) <[email protected]>" is unknown trust
:: File /var/cache/pacman/pkg/casefile-1.0.1-7-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

This is on freshly installed Black Arch onto existing Arch Linux.
I'm using https://www.blackarch.org/ mirror.

Note that this happens only for few packages and seems just Evan Teitelman key. Other packages install fine.

[davispuh]

I figured it out. In my case DNS wasn't working properly so GPG couldn't fetch keys.

Basically fix DNS so that

$ gpg --keyserver keyserver.ubuntu.com --recv-keys C65009B64EB7BB3C

works. Once it does do

$ pacman-key --refresh-keys

There shouldn't be any ERRORs

UPDATE: Looks like still need to sign it afterwards.... So pacman-key --lsign-key C65009B64EB7BB3C and then it finally works.

[korekuztomz-web]

.github/ISSUE_TEMPLATE/04_question.md