8 creating a gpg key to sign our Carli packages

In this article we create a key to sign our packages.

We follow this article to create the key.

https://www.arcolinuxiso.com/create-a-key-to-sign-your-packages/

Ensure you create a good personal and private keyword. Use lastpass or bitwarden or other password generators.

You will get a short key and a long key. Keep those numbers in a file for convenience.

Then we rebuild all our packages with our signature.

We also tell /etc/pacman.conf that we will be using signatures.

SigLevel = Required DatabaseOptional

We will be signing our database of Carli as well by changing the update_repo.sh.