doc/apt-key.8.xml

   1 <?xml version="1.0" encoding="utf-8" standalone="no"?>
   2 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
   3   "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
   4
   5 <!ENTITY % aptent SYSTEM "apt.ent">
   6 %aptent;
   7
   8 <!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent">
   9 %aptverbatiment;
  10
  11 ]>
  12
  13 <refentry>
  14  &apt-docinfo;
  15
  16  <refmeta>
  17    <refentrytitle>apt-key</refentrytitle>
  18    <manvolnum>8</manvolnum>
  19    <refmiscinfo class="manual">APT</refmiscinfo>
  20  </refmeta>
  21
  22  <!-- Man page title -->
  23  <refnamediv>
  24     <refname>apt-key</refname>
  25     <refpurpose>APT key management utility</refpurpose>
  26  </refnamediv>
  27
  28  <!-- Arguments -->
  29  <refsynopsisdiv>
  30    <cmdsynopsis>
  31       <command>apt-key</command>
  32       <arg><option>--keyring <replaceable>filename</replaceable></option></arg>
  33       <arg><replaceable>command</replaceable></arg>
  34       <arg rep="repeat"><option><replaceable>arguments</replaceable></option></arg>
  35    </cmdsynopsis>
  36  </refsynopsisdiv>
  37
  38  <refsect1><title>Description</title>
  39    <para>
  40    <command>apt-key</command> is used to manage the list of keys used
  41    by apt to authenticate packages.  Packages which have been
  42    authenticated using these keys will be considered trusted.
  43    </para>
  44 </refsect1>
  45
  46 <refsect1><title>Commands</title>
  47    <variablelist>
  48      <varlistentry><term>add <replaceable>filename</replaceable></term>
  49      <listitem>
  50      <para>
  51
  52        Add a new key to the list of trusted keys.  The key is read
  53        from <replaceable>filename</replaceable>, or standard input if
  54        <replaceable>filename</replaceable> is <literal>-</literal>.
  55      </para>
  56
  57      </listitem>
  58      </varlistentry>
  59
  60      <varlistentry><term>del <replaceable>keyid</replaceable></term>
  61      <listitem>
  62      <para>
  63
  64        Remove a key from the list of trusted keys.
  65
  66      </para>
  67
  68      </listitem>
  69      </varlistentry>
  70
  71      <varlistentry><term>export <replaceable>keyid</replaceable></term>
  72      <listitem>
  73      <para>
  74
  75         Output the key <replaceable>keyid</replaceable> to standard output.
  76
  77      </para>
  78
  79      </listitem>
  80      </varlistentry>
  81
  82      <varlistentry><term>exportall</term>
  83      <listitem>
  84      <para>
  85
  86         Output all trusted keys to standard output.
  87
  88      </para>
  89
  90      </listitem>
  91      </varlistentry>
  92
  93      <varlistentry><term>list</term>
  94      <listitem>
  95      <para>
  96
  97        List trusted keys.
  98
  99      </para>
 100
 101      </listitem>
 102      </varlistentry>
 103
 104          <varlistentry><term>finger</term>
 105      <listitem>
 106      <para>
 107
 108      List fingerprints of trusted keys.
 109
 110      </para>
 111
 112      </listitem>
 113      </varlistentry>
 114
 115          <varlistentry><term>adv</term>
 116      <listitem>
 117      <para>
 118
 119      Pass advanced options to gpg. With adv --recv-key you can download the
 120          public key.
 121
 122      </para>
 123
 124      </listitem>
 125      </varlistentry>
 126
 127      <varlistentry><term>update</term>
 128      <listitem>
 129      <para>
 130
 131        Update the local keyring with the keyring of Debian archive
 132        keys and removes from the keyring the archive keys which are no
 133        longer valid.
 134
 135      </para>
 136
 137      </listitem>
 138      </varlistentry>
 139    </variablelist>
 140 </refsect1>
 141
 142  <refsect1><title>Options</title>
 143 <para>Note that options need to be defined before the commands described in the previous section.</para>
 144    <variablelist>
 145       <varlistentry><term>--keyring <replaceable>filename</replaceable></term>
 146       <listitem><para>With this option it is possible to specify a specific keyring
 147       file the command should operate on. The default is that a command is executed
 148       on the <filename>trusted.gpg</filename> file as well as on all parts in the
 149       <filename>trusted.gpg.d</filename> directory, through <filename>trusted.gpg</filename>
 150       is the primary keyring which means that e.g. new keys are added to this one.
 151       </para></listitem>
 152       </varlistentry>
 153    </variablelist>
 154  </refsect1>
 155
 156  <refsect1><title>Files</title>
 157    <variablelist>
 158
 159      &file-trustedgpg;
 160
 161      <varlistentry><term><filename>/etc/apt/trustdb.gpg</filename></term>
 162      <listitem><para>Local trust database of archive keys.</para></listitem>
 163      </varlistentry>
 164
 165      <varlistentry><term><filename>/usr/share/keyrings/debian-archive-keyring.gpg</filename></term>
 166      <listitem><para>Keyring of Debian archive trusted keys.</para></listitem>
 167      </varlistentry>
 168
 169      <varlistentry><term><filename>/usr/share/keyrings/debian-archive-removed-keys.gpg</filename></term>
 170      <listitem><para>Keyring of Debian archive removed trusted keys.</para></listitem>
 171      </varlistentry>
 172
 173    </variablelist>
 174
 175 </refsect1>
 176
 177 <refsect1><title>See Also</title>
 178 <para>
 179 &apt-get;, &apt-secure;
 180 </para>
 181 </refsect1>
 182
 183  &manbugs;
 184  &manauthor;
 185
 186 </refentry>
 187