[ntk/apt.git] / doc / apt-key.8.xml

<?xml version="1.0" encoding="utf-8" standalone="no"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % aptent SYSTEM "apt.ent"> %aptent;
<!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent"> %aptverbatiment;
<!ENTITY % aptvendor SYSTEM "apt-vendor.ent"> %aptvendor;
]>

<refentry>
 <refentryinfo>
   &apt-author.jgunthorpe;
   &apt-author.team;
   &apt-email;
   &apt-product;
   <!-- The last update date -->
   <date>2012-06-09T00:00:00Z</date>
 </refentryinfo>

 <refmeta>
   <refentrytitle>apt-key</refentrytitle>
   <manvolnum>8</manvolnum>
   <refmiscinfo class="manual">APT</refmiscinfo>
 </refmeta>
 
 <!-- Man page title -->
 <refnamediv>
    <refname>apt-key</refname>
    <refpurpose>APT key management utility</refpurpose>
 </refnamediv>

 &synopsis-command-apt-key;

 <refsect1><title>Description</title>
   <para>
   <command>apt-key</command> is used to manage the list of keys used
   by apt to authenticate packages.  Packages which have been
   authenticated using these keys will be considered trusted.
   </para>
</refsect1>

<refsect1><title>Commands</title>
   <variablelist>
     <varlistentry><term><option>add</option> <option>&synopsis-param-filename;</option></term>
     <listitem>
     <para>
       Add a new key to the list of trusted keys.
       The key is read from the filename given with the parameter
       &synopsis-param-filename; or if the filename is <literal>-</literal>
       from standard input.
     </para>

     </listitem>
     </varlistentry>

     <varlistentry><term><option>del</option> <option>&synopsis-param-keyid;</option></term>
     <listitem>
     <para>

       Remove a key from the list of trusted keys.

     </para>

     </listitem>
     </varlistentry>

     <varlistentry><term><option>export</option> <option>&synopsis-param-keyid;</option></term>
     <listitem>
     <para>

        Output the key &synopsis-param-keyid; to standard output.

     </para>

     </listitem>
     </varlistentry>

     <varlistentry><term><option>exportall</option></term>
     <listitem>
     <para>

        Output all trusted keys to standard output.

     </para>

     </listitem>
     </varlistentry>

     <varlistentry><term><option>list</option></term>
     <listitem>
     <para>

       List trusted keys.

     </para>

     </listitem>
     </varlistentry>
     
     <varlistentry><term><option>finger</option></term>
     <listitem>
     <para>

     List fingerprints of trusted keys.

     </para>

     </listitem>
     </varlistentry>
     
     <varlistentry><term><option>adv</option></term>
     <listitem>
     <para>

     Pass advanced options to gpg. With adv --recv-key you can download the 
	 public key.  

     </para>

     </listitem>
     </varlistentry>

     <varlistentry><term><option>update</option></term>
     <listitem>
     <para>

       Update the local keyring with the archive keyring and remove from
       the local keyring the archive keys which are no longer valid.
       The archive keyring is shipped in the <literal>archive-keyring</literal> package of your
       distribution, e.g. the &keyring-package; package in &keyring-distro;.

     </para>

     </listitem>
     </varlistentry>
     
     <varlistentry><term><option>net-update</option></term>
     <listitem>
     <para>

       Perform an update working similarly to the <command>update</command> command above,
       but get the archive keyring from a URI instead and validate it against a master key.

       This requires an installed &wget; and an APT build configured to have
       a server to fetch from and a master keyring to validate.

       APT in Debian does not support this command, relying on
       <command>update</command> instead, but Ubuntu's APT does.

     </para>

     </listitem>
     </varlistentry>
   </variablelist>
</refsect1>

 <refsect1><title>Options</title>
<para>Note that options need to be defined before the commands described in the previous section.</para>
   <variablelist>
      <varlistentry><term><option>--keyring</option> <option>&synopsis-param-filename;</option></term>
      <listitem><para>With this option it is possible to specify a particular keyring
      file the command should operate on. The default is that a command is executed
      on the <filename>trusted.gpg</filename> file as well as on all parts in the
      <filename>trusted.gpg.d</filename> directory, though <filename>trusted.gpg</filename>
      is the primary keyring which means that e.g. new keys are added to this one.
      </para></listitem>
      </varlistentry>
   </variablelist>
 </refsect1>

 <refsect1><title>Files</title>
   <variablelist>

     &file-trustedgpg;

     <varlistentry><term><filename>/etc/apt/trustdb.gpg</filename></term>
     <listitem><para>Local trust database of archive keys.</para></listitem>
     </varlistentry>

     <varlistentry><term>&keyring-filename;</term>
     <listitem><para>Keyring of &keyring-distro; archive trusted keys.</para></listitem>
     </varlistentry>

     <varlistentry><term>&keyring-removed-filename;</term>
     <listitem><para>Keyring of &keyring-distro; archive removed trusted keys.</para></listitem>
     </varlistentry>

   </variablelist>

</refsect1>

<refsect1><title>See Also</title>
<para>
&apt-get;, &apt-secure;
</para>
</refsect1>

 &manbugs;
 &manauthor;

</refentry>
Commit	Line	Data
b3d44315	1	<?xml version="1.0" encoding="utf-8" standalone="no"?>
81cf16a2 DK	2	<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
81cf16a2 DK	3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
5abbf5bb DK	4	<!ENTITY % aptent SYSTEM "apt.ent"> %aptent;
	5	<!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent"> %aptverbatiment;
	6	<!ENTITY % aptvendor SYSTEM "apt-vendor.ent"> %aptvendor;
b3d44315 MV	7	]>
	8
	9	<refentry>
45fb8bf7 DK	10	<refentryinfo>
	11	&apt-author.jgunthorpe;
	12	&apt-author.team;
	13	&apt-email;
	14	&apt-product;
	15	<!-- The last update date -->
dabb215c	16	<date>2012-06-09T00:00:00Z</date>
45fb8bf7 DK	17	</refentryinfo>
45fb8bf7 DK	18
b3d44315 MV	19	<refmeta>
	20	<refentrytitle>apt-key</refentrytitle>
	21	<manvolnum>8</manvolnum>
f0599b9c	22	<refmiscinfo class="manual">APT</refmiscinfo>
b3d44315 MV	23	</refmeta>
	24
	25	<!-- Man page title -->
	26	<refnamediv>
	27	<refname>apt-key</refname>
	28	<refpurpose>APT key management utility</refpurpose>
	29	</refnamediv>
	30
6e8b4572	31	&synopsis-command-apt-key;
b3d44315 MV	32
	33	<refsect1><title>Description</title>
	34	<para>
	35	<command>apt-key</command> is used to manage the list of keys used
	36	by apt to authenticate packages. Packages which have been
	37	authenticated using these keys will be considered trusted.
	38	</para>
	39	</refsect1>
	40
	41	<refsect1><title>Commands</title>
	42	<variablelist>
2b9b27c3	43	<varlistentry><term><option>add</option> <option>&synopsis-param-filename;</option></term>
b3d44315 MV	44	<listitem>
b3d44315 MV	45	<para>
c086ac18 DK	46	Add a new key to the list of trusted keys.
	47	The key is read from the filename given with the parameter
	48	&synopsis-param-filename; or if the filename is <literal>-</literal>
	49	from standard input.
b3d44315 MV	50	</para>
	51
	52	</listitem>
	53	</varlistentry>
	54
2b9b27c3	55	<varlistentry><term><option>del</option> <option>&synopsis-param-keyid;</option></term>
b3d44315 MV	56	<listitem>
	57	<para>
	58
	59	Remove a key from the list of trusted keys.
	60
	61	</para>
	62
	63	</listitem>
	64	</varlistentry>
	65
2b9b27c3	66	<varlistentry><term><option>export</option> <option>&synopsis-param-keyid;</option></term>
bf6d5b42 OS	67	<listitem>
	68	<para>
	69
6e8b4572	70	Output the key &synopsis-param-keyid; to standard output.
bf6d5b42 OS	71
	72	</para>
	73
	74	</listitem>
	75	</varlistentry>
	76
2b9b27c3	77	<varlistentry><term><option>exportall</option></term>
bf6d5b42 OS	78	<listitem>
	79	<para>
	80
	81	Output all trusted keys to standard output.
	82
	83	</para>
	84
	85	</listitem>
	86	</varlistentry>
	87
2b9b27c3	88	<varlistentry><term><option>list</option></term>
b3d44315 MV	89	<listitem>
	90	<para>
	91
	92	List trusted keys.
d2793259	93
b3d44315 MV	94	</para>
b3d44315 MV	95
a8cabc8f LB	96	</listitem>
	97	</varlistentry>
	98
2b9b27c3	99	<varlistentry><term><option>finger</option></term>
a8cabc8f LB	100	<listitem>
	101	<para>
	102
	103	List fingerprints of trusted keys.
	104
	105	</para>
	106
	107	</listitem>
	108	</varlistentry>
	109
2b9b27c3	110	<varlistentry><term><option>adv</option></term>
a8cabc8f LB	111	<listitem>
	112	<para>
	113
	114	Pass advanced options to gpg. With adv --recv-key you can download the
	115	public key.
	116
	117	</para>
	118
b3d44315 MV	119	</listitem>
b3d44315 MV	120	</varlistentry>
d2793259	121
2b9b27c3	122	<varlistentry><term><option>update</option></term>
d2793259 MV	123	<listitem>
	124	<para>
	125
00c6e1a3 MV	126	Update the local keyring with the archive keyring and remove from
	127	the local keyring the archive keys which are no longer valid.
	128	The archive keyring is shipped in the <literal>archive-keyring</literal> package of your
694ef56e	129	distribution, e.g. the &keyring-package; package in &keyring-distro;.
d2793259 MV	130
	131	</para>
	132
	133	</listitem>
	134	</varlistentry>
f37e6374	135
2b9b27c3	136	<varlistentry><term><option>net-update</option></term>
f37e6374 JAK	137	<listitem>
	138	<para>
	139
6072cbe1 JR	140	Perform an update working similarly to the <command>update</command> command above,
6072cbe1 JR	141	but get the archive keyring from a URI instead and validate it against a master key.
00c6e1a3 MV	142
	143	This requires an installed &wget; and an APT build configured to have
	144	a server to fetch from and a master keyring to validate.
	145
6072cbe1	146	APT in Debian does not support this command, relying on
00c6e1a3	147	<command>update</command> instead, but Ubuntu's APT does.
f37e6374 JAK	148
	149	</para>
	150
	151	</listitem>
	152	</varlistentry>
d2793259 MV	153	</variablelist>
	154	</refsect1>
	155
46e39c8e MV	156	<refsect1><title>Options</title>
	157	<para>Note that options need to be defined before the commands described in the previous section.</para>
	158	<variablelist>
2b9b27c3	159	<varlistentry><term><option>--keyring</option> <option>&synopsis-param-filename;</option></term>
6072cbe1	160	<listitem><para>With this option it is possible to specify a particular keyring
46e39c8e MV	161	file the command should operate on. The default is that a command is executed
46e39c8e MV	162	on the <filename>trusted.gpg</filename> file as well as on all parts in the
2130caa8	163	<filename>trusted.gpg.d</filename> directory, though <filename>trusted.gpg</filename>
46e39c8e MV	164	is the primary keyring which means that e.g. new keys are added to this one.
	165	</para></listitem>
	166	</varlistentry>
	167	</variablelist>
	168	</refsect1>
	169
d2793259 MV	170	<refsect1><title>Files</title>
d2793259 MV	171	<variablelist>
46e39c8e MV	172
46e39c8e MV	173	&file-trustedgpg;
d2793259 MV	174
	175	<varlistentry><term><filename>/etc/apt/trustdb.gpg</filename></term>
	176	<listitem><para>Local trust database of archive keys.</para></listitem>
	177	</varlistentry>
	178
694ef56e DK	179	<varlistentry><term>&keyring-filename;</term>
694ef56e DK	180	<listitem><para>Keyring of &keyring-distro; archive trusted keys.</para></listitem>
d2793259 MV	181	</varlistentry>
d2793259 MV	182
694ef56e DK	183	<varlistentry><term>&keyring-removed-filename;</term>
694ef56e DK	184	<listitem><para>Keyring of &keyring-distro; archive removed trusted keys.</para></listitem>
d2793259 MV	185	</varlistentry>
d2793259 MV	186
b3d44315	187	</variablelist>
d2793259	188
b3d44315 MV	189	</refsect1>
b3d44315 MV	190
d2793259 MV	191	<refsect1><title>See Also</title>
	192	<para>
	193	&apt-get;, &apt-secure;
	194	</para>
	195	</refsect1>
b3d44315 MV	196
	197	&manbugs;
	198	&manauthor;
	199
	200	</refentry>
	201