Arch Linux ARM implements package signing following the model created by Arch Linux. All packages in all repositories for all architectures are signed by our build system; however, the repository database files are not signed in order to limit the exposure of private keys and because it is technically unnecessary.
Since all of the packages in our repositories originate from our build system — not from individual developers and maintainers — the packages are signed by the single build system key before leaving the secure build environment. Additionally, Arch Linux ARM mirrors are synchronized via rsync push from our master server, furthering the integrity of packages available for installation.
systemctl status haveged
pacman -Syu haveged systemctl start haveged systemctl enable haveged
pacman -S archlinuxarm-keyring pacman-key --populate archlinuxarm
SigLevel = Required DatabaseOptional LocalFileSigLevel = Optional
|Master Signing Keys|
|Package Signing Keys|
|68B3537F39A313B3E574D06777193F152BDBE6A6||Arch Linux ARM Build System|
Copyright ©2009-2017 Arch Linux ARM
The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.
The Arch Linux™ name and logo are used under permission of the Arch Linux Project Lead.