Get a site

Signature from “User” is unknown trust

Today, I had another small adventure: updating my packages list on Arch Linux, I got this error:

error: confuse: signature from "Thorsten Töpper <[email protected]>" is unknown trust

:: File /var/cache/pacman/pkg/confuse-2.8-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).

Do you want to delete it? [Y/n]

How dealing with it?

There are two options:

  1. Following the Resetting all the keys section at the page of the packages management in Pacman, you remove all the keys installed in your system deleting the folder /etc/pacman.d/gnupg (obviously as root) and then after having run packman-key --init, adding the preferred keys;
  2. You can try to simply update the known keys, i.e. pacman-key --refresh-keys.

I did the second one and everything was fine.

Published by Francesco Serafin

I am a PhD student at the Department of Civil, Environmental and Mechanical Engineering at the University of Trento. My two greatest loves: Computer Science and Water (take three with my Lenovo!:D). As a result, the aim of my life is to make both passions coexist. My gpg public key available at

Leave a Reply

Your email address will not be published.

%d bloggers like this: