I'm getting the following error on two of my machines. Is this a problem on my side? I tried importing the key of Josh Boyer as described here, it's installed on my system.
==> Validating source files with sha256sums...
linux-firmware-git ... Skipped
==> Verifying source file signatures with gpg...
linux-firmware-git git repo ... SIGNATURE NOT FOUND
==> ERROR: One or more PGP signatures could not be verified!
error: failed to download sources for 'linux-firmware-git-20230814.0e048b06-1':
Pinned Comments
MRWITEK commented on 2023-12-20 12:42 (UTC)
Upstream doesn't sign most commits anymore, so GPG signature check is disabled. They still sign every tag. Packages in the official repos package tags. You can check signatures with the following commands:
gbin commented on 2022-03-02 17:58 (UTC) (edited on 2022-03-02 18:07 (UTC) by gbin)
edit: found my problem the key server it could be useful for other people.
The default port is an high port and your ISP might filter it out!
use :80 in the ubuntu one and it should work:
MRWITEK commented on 2020-04-08 14:47 (UTC) (edited on 2022-12-15 12:15 (UTC) by MRWITEK)
https://wiki.archlinux.org/title/Arch_User_Repository#ERROR%3A_One_or_more_PGP_signatures_could_not_be_verified%21%3B_what_should_I_do%3F
https://wiki.archlinux.org/title/PKGBUILD#validpgpkeys
https://wiki.archlinux.org/title/Makepkg#Signature_checking
https://wiki.archlinux.org/title/Arch_User_Repository#What_is_the_difference_between_foo_and_foo-git_packages%3F