8 creating a gpg key to sign our Carli packages

In this article we create a key to sign our packages.

We follow this article to create the key.


Ensure you create a good personal and private keyword. Use lastpass or bitwarden or other password generators.

You will get a short key and a long key. Keep those numbers in a file for convenience.

Then we rebuild all our packages with our signature.

We also tell /etc/pacman.conf that we will be using signatures.

SigLevel = Required DatabaseOptional

We will be signing our database of Carli as well by changing the update_repo.sh.