merged from the debian branch
[ntk/apt.git] / doc / apt-key.8.xml
1 <?xml version="1.0" encoding="utf-8" standalone="no"?>
2 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
4
5 <!ENTITY % aptent SYSTEM "apt.ent">
6 %aptent;
7
8 <!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent">
9 %aptverbatiment;
10
11 ]>
12
13 <refentry>
14 &apt-docinfo;
15
16 <refmeta>
17 <refentrytitle>apt-key</refentrytitle>
18 <manvolnum>8</manvolnum>
19 <refmiscinfo class="manual">APT</refmiscinfo>
20 </refmeta>
21
22 <!-- Man page title -->
23 <refnamediv>
24 <refname>apt-key</refname>
25 <refpurpose>APT key management utility</refpurpose>
26 </refnamediv>
27
28 <!-- Arguments -->
29 <refsynopsisdiv>
30 <cmdsynopsis>
31 <command>apt-key</command>
32 <arg><option>--keyring <replaceable>filename</replaceable></option></arg>
33 <arg><replaceable>command</replaceable></arg>
34 <arg rep="repeat"><option><replaceable>arguments</replaceable></option></arg>
35 </cmdsynopsis>
36 </refsynopsisdiv>
37
38 <refsect1><title>Description</title>
39 <para>
40 <command>apt-key</command> is used to manage the list of keys used
41 by apt to authenticate packages. Packages which have been
42 authenticated using these keys will be considered trusted.
43 </para>
44 </refsect1>
45
46 <refsect1><title>Commands</title>
47 <variablelist>
48 <varlistentry><term>add <replaceable>filename</replaceable></term>
49 <listitem>
50 <para>
51
52 Add a new key to the list of trusted keys. The key is read
53 from <replaceable>filename</replaceable>, or standard input if
54 <replaceable>filename</replaceable> is <literal>-</literal>.
55 </para>
56
57 </listitem>
58 </varlistentry>
59
60 <varlistentry><term>del <replaceable>keyid</replaceable></term>
61 <listitem>
62 <para>
63
64 Remove a key from the list of trusted keys.
65
66 </para>
67
68 </listitem>
69 </varlistentry>
70
71 <varlistentry><term>export <replaceable>keyid</replaceable></term>
72 <listitem>
73 <para>
74
75 Output the key <replaceable>keyid</replaceable> to standard output.
76
77 </para>
78
79 </listitem>
80 </varlistentry>
81
82 <varlistentry><term>exportall</term>
83 <listitem>
84 <para>
85
86 Output all trusted keys to standard output.
87
88 </para>
89
90 </listitem>
91 </varlistentry>
92
93 <varlistentry><term>list</term>
94 <listitem>
95 <para>
96
97 List trusted keys.
98
99 </para>
100
101 </listitem>
102 </varlistentry>
103
104 <varlistentry><term>finger</term>
105 <listitem>
106 <para>
107
108 List fingerprints of trusted keys.
109
110 </para>
111
112 </listitem>
113 </varlistentry>
114
115 <varlistentry><term>adv</term>
116 <listitem>
117 <para>
118
119 Pass advanced options to gpg. With adv --recv-key you can download the
120 public key.
121
122 </para>
123
124 </listitem>
125 </varlistentry>
126
127 <varlistentry><term>update</term>
128 <listitem>
129 <para>
130
131 Update the local keyring with the keyring of Debian archive
132 keys and removes from the keyring the archive keys which are no
133 longer valid.
134
135 </para>
136
137 </listitem>
138 </varlistentry>
139
140 <varlistentry><term>net-update</term>
141 <listitem>
142 <para>
143
144 Update the local keyring with the keys of a key server
145 and removes from the keyring the archive keys which are no
146 longer valid. This requires an installed wget and an APT
147 build configured to have a server to fetch from. APT in
148 Debian does not support this command, but Ubuntu's APT
149 does.
150
151 </para>
152
153 </listitem>
154 </varlistentry>
155 </variablelist>
156 </refsect1>
157
158 <refsect1><title>Options</title>
159 <para>Note that options need to be defined before the commands described in the previous section.</para>
160 <variablelist>
161 <varlistentry><term>--keyring <replaceable>filename</replaceable></term>
162 <listitem><para>With this option it is possible to specify a specific keyring
163 file the command should operate on. The default is that a command is executed
164 on the <filename>trusted.gpg</filename> file as well as on all parts in the
165 <filename>trusted.gpg.d</filename> directory, through <filename>trusted.gpg</filename>
166 is the primary keyring which means that e.g. new keys are added to this one.
167 </para></listitem>
168 </varlistentry>
169 </variablelist>
170 </refsect1>
171
172 <refsect1><title>Files</title>
173 <variablelist>
174
175 &file-trustedgpg;
176
177 <varlistentry><term><filename>/etc/apt/trustdb.gpg</filename></term>
178 <listitem><para>Local trust database of archive keys.</para></listitem>
179 </varlistentry>
180
181 <varlistentry><term><filename>/usr/share/keyrings/debian-archive-keyring.gpg</filename></term>
182 <listitem><para>Keyring of Debian archive trusted keys.</para></listitem>
183 </varlistentry>
184
185 <varlistentry><term><filename>/usr/share/keyrings/debian-archive-removed-keys.gpg</filename></term>
186 <listitem><para>Keyring of Debian archive removed trusted keys.</para></listitem>
187 </varlistentry>
188
189 </variablelist>
190
191 </refsect1>
192
193 <refsect1><title>See Also</title>
194 <para>
195 &apt-get;, &apt-secure;
196 </para>
197 </refsect1>
198
199 &manbugs;
200 &manauthor;
201
202 </refentry>
203