Arch Linux ARM implements package signing following the model created by Arch Linux. All packages in all repositories for all architectures are signed by our build system; however, the repository database files are not signed in order to limit the exposure of private keys and because it is technically unnecessary.
Since all of the packages in our repositories originate from our build system — not from individual developers and maintainers — the packages are signed by the single build system key before leaving the secure build environment. Additionally, Arch Linux ARM mirrors are synchronized via rsync push from our master server, furthering the integrity of packages available for installation.
systemctl status haveged
pacman -Syu haveged systemctl start haveged systemctl enable haveged
pacman -S archlinuxarm-keyring pacman-key --populate archlinuxarm
SigLevel = Required DatabaseOptional LocalFileSigLevel = Optional
|Master Signing Keys|
|B823CD25||0292 2214 DE89 81D1 4DC2 ACAB BC70 4E86 B823 CD25||Kevin Mihelich|
|DCD9EE1A||9D22 B7BB 678D C056 B1F7 723C B55C 5315 DCD9 EE1A||Jason Plum|
|9C6B5765||69DD 6C8F D314 223E 1436 2848 BF7E EF7A 9C6B 5765||Mike Brown|
|Package Signing Keys|
|2BDBE6A6||68B3 537F 39A3 13B3 E574 D067 7719 3F15 2BDB E6A6||Arch Linux ARM Build System|
Copyright ©2009-2016 Arch Linux ARM
The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.
The Arch Linux™ name and logo are used under permission of the Arch Linux Project Lead.