CMS Critic Logo
  • Articles
  • Products
  • Critics
  • Programs
Login Person Icon

How to fix invalid or corrupted package (PGP signature) issues on Arch Linux

Home
Articles
Products
Likes

How to fix invalid or corrupted package (PGP signature) issues on Arch Linux

mike-johnston Profile
Mike Johnston
1 min

I recently came across this issue on my Archmerge installation and figured I would share the fix here since it took me quite some time to figure out the solution. This is not Archmerge specific but rather Arch Linux specific. I started encountering it on Manjaro and Arch based installs right after I tried to install specific packages.

This is what I was getting when trying to install a package that required fzf (in this case, I was running the command:

packer -S pacli

Since this package relied on the fzf package, I got the following error:

error: fzf: signature from "Ambrevar <ambrevar@gmail.com>" is unknown trust :: File /var/cache/pacman/pkg/fzf-0.17.0.2-1-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).

The solution took me a while to figure out, as mentioned, but I did figure it out eventually. To resolve, launch a terminal and paste in the following:

sudo pacman-key --refresh-keys

This will take a while to refresh all of the keys on your system but once it's complete, you should be good to go.

linux
CMS Critic Logo
  • Programs
  • Critics
  • About
  • Contact Us
  • Privacy
  • Disclaimer

©2025 CMS Critic. All rights reserved.