| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206 |
- <?xml version="1.0" encoding="utf-8" standalone="no"?>
- <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
- "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
- <!ENTITY % aptent SYSTEM "apt.ent">
- %aptent;
- <!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent">
- %aptverbatiment;
- ]>
- <refentry>
- <refentryinfo>
- &apt-author.jgunthorpe;
- &apt-author.team;
- &apt-email;
- &apt-product;
- <!-- The last update date -->
- <date>2012-05-21T00:00:00Z</date>
- </refentryinfo>
- <refmeta>
- <refentrytitle>apt-key</refentrytitle>
- <manvolnum>8</manvolnum>
- <refmiscinfo class="manual">APT</refmiscinfo>
- </refmeta>
-
- <!-- Man page title -->
- <refnamediv>
- <refname>apt-key</refname>
- <refpurpose>APT key management utility</refpurpose>
- </refnamediv>
- &synopsis-command-apt-key;
- <refsect1><title>Description</title>
- <para>
- <command>apt-key</command> is used to manage the list of keys used
- by apt to authenticate packages. Packages which have been
- authenticated using these keys will be considered trusted.
- </para>
- </refsect1>
- <refsect1><title>Commands</title>
- <variablelist>
- <varlistentry><term><option>add</option> <option>&synopsis-param-filename;</option></term>
- <listitem>
- <para>
- Add a new key to the list of trusted keys.
- The key is read from the filename given with the parameter
- &synopsis-param-filename; or if the filename is <literal>-</literal>
- from standard input.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry><term><option>del</option> <option>&synopsis-param-keyid;</option></term>
- <listitem>
- <para>
- Remove a key from the list of trusted keys.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry><term><option>export</option> <option>&synopsis-param-keyid;</option></term>
- <listitem>
- <para>
- Output the key &synopsis-param-keyid; to standard output.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry><term><option>exportall</option></term>
- <listitem>
- <para>
- Output all trusted keys to standard output.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry><term><option>list</option></term>
- <listitem>
- <para>
- List trusted keys.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry><term><option>finger</option></term>
- <listitem>
- <para>
- List fingerprints of trusted keys.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry><term><option>adv</option></term>
- <listitem>
- <para>
- Pass advanced options to gpg. With adv --recv-key you can download the
- public key.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry><term><option>update</option></term>
- <listitem>
- <para>
- Update the local keyring with the archive keyring and remove from
- the local keyring the archive keys which are no longer valid.
- The archive keyring is shipped in the <literal>archive-keyring</literal> package of your
- distribution, e.g. the <literal>debian-archive-keyring</literal> package in Debian.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry><term><option>net-update</option></term>
- <listitem>
- <para>
- Work similar to the <command>update</command> command above, but get the
- archive keyring from an URI instead and validate it against a master key.
- This requires an installed &wget; and an APT build configured to have
- a server to fetch from and a master keyring to validate.
- APT in Debian does not support this command and relies on
- <command>update</command> instead, but Ubuntu's APT does.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </refsect1>
- <refsect1><title>Options</title>
- <para>Note that options need to be defined before the commands described in the previous section.</para>
- <variablelist>
- <varlistentry><term><option>--keyring</option> <option>&synopsis-param-filename;</option></term>
- <listitem><para>With this option it is possible to specify a specific keyring
- file the command should operate on. The default is that a command is executed
- on the <filename>trusted.gpg</filename> file as well as on all parts in the
- <filename>trusted.gpg.d</filename> directory, though <filename>trusted.gpg</filename>
- is the primary keyring which means that e.g. new keys are added to this one.
- </para></listitem>
- </varlistentry>
- </variablelist>
- </refsect1>
- <refsect1><title>Files</title>
- <variablelist>
- &file-trustedgpg;
- <varlistentry><term><filename>/etc/apt/trustdb.gpg</filename></term>
- <listitem><para>Local trust database of archive keys.</para></listitem>
- </varlistentry>
- <varlistentry><term><filename>/usr/share/keyrings/debian-archive-keyring.gpg</filename></term>
- <listitem><para>Keyring of Debian archive trusted keys.</para></listitem>
- </varlistentry>
- <varlistentry><term><filename>/usr/share/keyrings/debian-archive-removed-keys.gpg</filename></term>
- <listitem><para>Keyring of Debian archive removed trusted keys.</para></listitem>
- </varlistentry>
- </variablelist>
- </refsect1>
- <refsect1><title>See Also</title>
- <para>
- &apt-get;, &apt-secure;
- </para>
- </refsect1>
- &manbugs;
- &manauthor;
- </refentry>
|