[ntk/apt.git] / doc / apt-key.8.xml

<?xml version="1.0" encoding="utf-8" standalone="no"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY % aptent SYSTEM "apt.ent">
%aptent;

<!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent">
%aptverbatiment;

<!ENTITY % aptvendor SYSTEM "apt-vendor.ent">
%aptvendor;
]>

<refentry>
 <refentryinfo>
   &apt-author.jgunthorpe;
   &apt-author.team;
   &apt-email;
   &apt-product;
   <!-- The last update date -->
   <date>2012-06-09T00:00:00Z</date>
 </refentryinfo>

 <refmeta>
   <refentrytitle>apt-key</refentrytitle>
   <manvolnum>8</manvolnum>
   <refmiscinfo class="manual">APT</refmiscinfo>
 </refmeta>
 
 <!-- Man page title -->
 <refnamediv>
    <refname>apt-key</refname>
    <refpurpose>APT key management utility</refpurpose>
 </refnamediv>

 &synopsis-command-apt-key;

 <refsect1><title>Description</title>
   <para>
   <command>apt-key</command> is used to manage the list of keys used
   by apt to authenticate packages.  Packages which have been
   authenticated using these keys will be considered trusted.
   </para>
</refsect1>

<refsect1><title>Commands</title>
   <variablelist>
     <varlistentry><term><option>add</option> <option>&synopsis-param-filename;</option></term>
     <listitem>
     <para>
       Add a new key to the list of trusted keys.
       The key is read from the filename given with the parameter
       &synopsis-param-filename; or if the filename is <literal>-</literal>
       from standard input.
     </para>

     </listitem>
     </varlistentry>

     <varlistentry><term><option>del</option> <option>&synopsis-param-keyid;</option></term>
     <listitem>
     <para>

       Remove a key from the list of trusted keys.

     </para>

     </listitem>
     </varlistentry>

     <varlistentry><term><option>export</option> <option>&synopsis-param-keyid;</option></term>
     <listitem>
     <para>

        Output the key &synopsis-param-keyid; to standard output.

     </para>

     </listitem>
     </varlistentry>

     <varlistentry><term><option>exportall</option></term>
     <listitem>
     <para>

        Output all trusted keys to standard output.

     </para>

     </listitem>
     </varlistentry>

     <varlistentry><term><option>list</option></term>
     <listitem>
     <para>

       List trusted keys.

     </para>

     </listitem>
     </varlistentry>
     
     <varlistentry><term><option>finger</option></term>
     <listitem>
     <para>

     List fingerprints of trusted keys.

     </para>

     </listitem>
     </varlistentry>
     
     <varlistentry><term><option>adv</option></term>
     <listitem>
     <para>

     Pass advanced options to gpg. With adv --recv-key you can download the 
	 public key.  

     </para>

     </listitem>
     </varlistentry>

     <varlistentry><term><option>update</option></term>
     <listitem>
     <para>

       Update the local keyring with the archive keyring and remove from
       the local keyring the archive keys which are no longer valid.
       The archive keyring is shipped in the <literal>archive-keyring</literal> package of your
       distribution, e.g. the &keyring-package; package in &keyring-distro;.

     </para>

     </listitem>
     </varlistentry>
     
     <varlistentry><term><option>net-update</option></term>
     <listitem>
     <para>

       Perform an update working similarly to the <command>update</command> command above,
       but get the archive keyring from a URI instead and validate it against a master key.

       This requires an installed &wget; and an APT build configured to have
       a server to fetch from and a master keyring to validate.

       APT in Debian does not support this command, relying on
       <command>update</command> instead, but Ubuntu's APT does.

     </para>

     </listitem>
     </varlistentry>
   </variablelist>
</refsect1>

 <refsect1><title>Options</title>
<para>Note that options need to be defined before the commands described in the previous section.</para>
   <variablelist>
      <varlistentry><term><option>--keyring</option> <option>&synopsis-param-filename;</option></term>
      <listitem><para>With this option it is possible to specify a particular keyring
      file the command should operate on. The default is that a command is executed
      on the <filename>trusted.gpg</filename> file as well as on all parts in the
      <filename>trusted.gpg.d</filename> directory, though <filename>trusted.gpg</filename>
      is the primary keyring which means that e.g. new keys are added to this one.
      </para></listitem>
      </varlistentry>
   </variablelist>
 </refsect1>

 <refsect1><title>Files</title>
   <variablelist>

     &file-trustedgpg;

     <varlistentry><term><filename>/etc/apt/trustdb.gpg</filename></term>
     <listitem><para>Local trust database of archive keys.</para></listitem>
     </varlistentry>

     <varlistentry><term>&keyring-filename;</term>
     <listitem><para>Keyring of &keyring-distro; archive trusted keys.</para></listitem>
     </varlistentry>

     <varlistentry><term>&keyring-removed-filename;</term>
     <listitem><para>Keyring of &keyring-distro; archive removed trusted keys.</para></listitem>
     </varlistentry>

   </variablelist>

</refsect1>

<refsect1><title>See Also</title>
<para>
&apt-get;, &apt-secure;
</para>
</refsect1>

 &manbugs;
 &manauthor;

</refentry>
Commit	Line	Data
b3d44315	1	<?xml version="1.0" encoding="utf-8" standalone="no"?>
81cf16a2 DK	2	<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
81cf16a2 DK	3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
b3d44315 MV	4
	5	<!ENTITY % aptent SYSTEM "apt.ent">
	6	%aptent;
	7
0c1a7101 DK	8	<!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent">
	9	%aptverbatiment;
	10
694ef56e DK	11	<!ENTITY % aptvendor SYSTEM "apt-vendor.ent">
694ef56e DK	12	%aptvendor;
b3d44315 MV	13	]>
	14
	15	<refentry>
45fb8bf7 DK	16	<refentryinfo>
	17	&apt-author.jgunthorpe;
	18	&apt-author.team;
	19	&apt-email;
	20	&apt-product;
	21	<!-- The last update date -->
dabb215c	22	<date>2012-06-09T00:00:00Z</date>
45fb8bf7 DK	23	</refentryinfo>
45fb8bf7 DK	24
b3d44315 MV	25	<refmeta>
	26	<refentrytitle>apt-key</refentrytitle>
	27	<manvolnum>8</manvolnum>
f0599b9c	28	<refmiscinfo class="manual">APT</refmiscinfo>
b3d44315 MV	29	</refmeta>
	30
	31	<!-- Man page title -->
	32	<refnamediv>
	33	<refname>apt-key</refname>
	34	<refpurpose>APT key management utility</refpurpose>
	35	</refnamediv>
	36
6e8b4572	37	&synopsis-command-apt-key;
b3d44315 MV	38
	39	<refsect1><title>Description</title>
	40	<para>
	41	<command>apt-key</command> is used to manage the list of keys used
	42	by apt to authenticate packages. Packages which have been
	43	authenticated using these keys will be considered trusted.
	44	</para>
	45	</refsect1>
	46
	47	<refsect1><title>Commands</title>
	48	<variablelist>
2b9b27c3	49	<varlistentry><term><option>add</option> <option>&synopsis-param-filename;</option></term>
b3d44315 MV	50	<listitem>
b3d44315 MV	51	<para>
c086ac18 DK	52	Add a new key to the list of trusted keys.
	53	The key is read from the filename given with the parameter
	54	&synopsis-param-filename; or if the filename is <literal>-</literal>
	55	from standard input.
b3d44315 MV	56	</para>
	57
	58	</listitem>
	59	</varlistentry>
	60
2b9b27c3	61	<varlistentry><term><option>del</option> <option>&synopsis-param-keyid;</option></term>
b3d44315 MV	62	<listitem>
	63	<para>
	64
	65	Remove a key from the list of trusted keys.
	66
	67	</para>
	68
	69	</listitem>
	70	</varlistentry>
	71
2b9b27c3	72	<varlistentry><term><option>export</option> <option>&synopsis-param-keyid;</option></term>
bf6d5b42 OS	73	<listitem>
	74	<para>
	75
6e8b4572	76	Output the key &synopsis-param-keyid; to standard output.
bf6d5b42 OS	77
	78	</para>
	79
	80	</listitem>
	81	</varlistentry>
	82
2b9b27c3	83	<varlistentry><term><option>exportall</option></term>
bf6d5b42 OS	84	<listitem>
	85	<para>
	86
	87	Output all trusted keys to standard output.
	88
	89	</para>
	90
	91	</listitem>
	92	</varlistentry>
	93
2b9b27c3	94	<varlistentry><term><option>list</option></term>
b3d44315 MV	95	<listitem>
	96	<para>
	97
	98	List trusted keys.
d2793259	99
b3d44315 MV	100	</para>
b3d44315 MV	101
a8cabc8f LB	102	</listitem>
	103	</varlistentry>
	104
2b9b27c3	105	<varlistentry><term><option>finger</option></term>
a8cabc8f LB	106	<listitem>
	107	<para>
	108
	109	List fingerprints of trusted keys.
	110
	111	</para>
	112
	113	</listitem>
	114	</varlistentry>
	115
2b9b27c3	116	<varlistentry><term><option>adv</option></term>
a8cabc8f LB	117	<listitem>
	118	<para>
	119
	120	Pass advanced options to gpg. With adv --recv-key you can download the
	121	public key.
	122
	123	</para>
	124
b3d44315 MV	125	</listitem>
b3d44315 MV	126	</varlistentry>
d2793259	127
2b9b27c3	128	<varlistentry><term><option>update</option></term>
d2793259 MV	129	<listitem>
	130	<para>
	131
00c6e1a3 MV	132	Update the local keyring with the archive keyring and remove from
	133	the local keyring the archive keys which are no longer valid.
	134	The archive keyring is shipped in the <literal>archive-keyring</literal> package of your
694ef56e	135	distribution, e.g. the &keyring-package; package in &keyring-distro;.
d2793259 MV	136
	137	</para>
	138
	139	</listitem>
	140	</varlistentry>
f37e6374	141
2b9b27c3	142	<varlistentry><term><option>net-update</option></term>
f37e6374 JAK	143	<listitem>
	144	<para>
	145
6072cbe1 JR	146	Perform an update working similarly to the <command>update</command> command above,
6072cbe1 JR	147	but get the archive keyring from a URI instead and validate it against a master key.
00c6e1a3 MV	148
	149	This requires an installed &wget; and an APT build configured to have
	150	a server to fetch from and a master keyring to validate.
	151
6072cbe1	152	APT in Debian does not support this command, relying on
00c6e1a3	153	<command>update</command> instead, but Ubuntu's APT does.
f37e6374 JAK	154
	155	</para>
	156
	157	</listitem>
	158	</varlistentry>
d2793259 MV	159	</variablelist>
	160	</refsect1>
	161
46e39c8e MV	162	<refsect1><title>Options</title>
	163	<para>Note that options need to be defined before the commands described in the previous section.</para>
	164	<variablelist>
2b9b27c3	165	<varlistentry><term><option>--keyring</option> <option>&synopsis-param-filename;</option></term>
6072cbe1	166	<listitem><para>With this option it is possible to specify a particular keyring
46e39c8e MV	167	file the command should operate on. The default is that a command is executed
46e39c8e MV	168	on the <filename>trusted.gpg</filename> file as well as on all parts in the
2130caa8	169	<filename>trusted.gpg.d</filename> directory, though <filename>trusted.gpg</filename>
46e39c8e MV	170	is the primary keyring which means that e.g. new keys are added to this one.
	171	</para></listitem>
	172	</varlistentry>
	173	</variablelist>
	174	</refsect1>
	175
d2793259 MV	176	<refsect1><title>Files</title>
d2793259 MV	177	<variablelist>
46e39c8e MV	178
46e39c8e MV	179	&file-trustedgpg;
d2793259 MV	180
	181	<varlistentry><term><filename>/etc/apt/trustdb.gpg</filename></term>
	182	<listitem><para>Local trust database of archive keys.</para></listitem>
	183	</varlistentry>
	184
694ef56e DK	185	<varlistentry><term>&keyring-filename;</term>
694ef56e DK	186	<listitem><para>Keyring of &keyring-distro; archive trusted keys.</para></listitem>
d2793259 MV	187	</varlistentry>
d2793259 MV	188
694ef56e DK	189	<varlistentry><term>&keyring-removed-filename;</term>
694ef56e DK	190	<listitem><para>Keyring of &keyring-distro; archive removed trusted keys.</para></listitem>
d2793259 MV	191	</varlistentry>
d2793259 MV	192
b3d44315	193	</variablelist>
d2793259	194
b3d44315 MV	195	</refsect1>
b3d44315 MV	196
d2793259 MV	197	<refsect1><title>See Also</title>
	198	<para>
	199	&apt-get;, &apt-secure;
	200	</para>
	201	</refsect1>
b3d44315 MV	202
	203	&manbugs;
	204	&manauthor;
	205
	206	</refentry>
	207