On Wed, Jun 24, 2015 at 8:31 PM, Sebastian Pipping <sebastian@xxxxxxxxxxx> wrote: > Hi there! > > > In relation to making virtual machine images of Arch I noticed that > sharing images with pacman keys inside would enable two systems to > present spoofed packages to the other unnoticed. True? > It seems like a good idea to remove and re-add pacman keys specific to > each system again, later. > > I wonder how to best remove the system-specific keys (not secure > deletion, just not breaking the system) and how (more than when) to > re-add new ones to the existing system to get it back to fully > functional. Any ideas? > > Many thanks in advance, best, > > > > Sebastian > https://wiki.archlinux.org/index.php/Pacman-key#Resetting_all_the_keys -- Eli Schwartz
