Due to an influx of spam, we have had to temporarily disable account registrations. Please write an email to accountsupport@archlinux.org, with your desired username, if you want to get access. Sorry for the inconvenience.
- Use a future proof algorithm when generating the key pair
- Use a future proof algorithm when generating the key pair
- RSA >= 4096 bit
- RSA >= 4096 bit
- ECC Curve25519
- ECC Curve25519
- Create a key with a valid encryption subkey (`E`), so that encrypted verification tokens can be received.
- Create a key with signing capabilities on the root key (`S` - this is the default), as otherwise the root key has to be (temporarily) modified to accommodate the key verification process:
```shell
gpg --edit-key$KEYID# drops into an interactive prompt within gpg
change-usage
S # toggle signing capabilities on root key
Q # finish adjustment
save # if required, save key
gpg --local-user$KEYID!--clear-sign$FILE_TO_SIGN# make note of the postfix ! on $KEYID
# then follow above steps to remove signing capabilities
```
# Validating a key pair
# Validating a key pair
- Use `sq-keyring-linter` from the `sequoia-keyring-linter` package to perform basic certificate checks (e.g. use of the unsafe SHA-1 checksum algorithm):
- Use `sq-keyring-linter` from the `sequoia-keyring-linter` package to perform basic certificate checks (e.g. use of the unsafe SHA-1 checksum algorithm):