]> git.saurik.com Git - apt.git/blame - doc/apt-key.8.xml
* apt-pkg/clean.cc:
[apt.git] / doc / apt-key.8.xml
CommitLineData
b3d44315 1<?xml version="1.0" encoding="utf-8" standalone="no"?>
81cf16a2
DK
2<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
b3d44315
MV
4
5<!ENTITY % aptent SYSTEM "apt.ent">
6%aptent;
7
0c1a7101
DK
8<!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent">
9%aptverbatiment;
10
b3d44315
MV
11]>
12
13<refentry>
45fb8bf7
DK
14 <refentryinfo>
15 &apt-author.jgunthorpe;
16 &apt-author.team;
17 &apt-email;
18 &apt-product;
19 <!-- The last update date -->
dabb215c 20 <date>2012-06-09T00:00:00Z</date>
45fb8bf7
DK
21 </refentryinfo>
22
b3d44315
MV
23 <refmeta>
24 <refentrytitle>apt-key</refentrytitle>
25 <manvolnum>8</manvolnum>
f0599b9c 26 <refmiscinfo class="manual">APT</refmiscinfo>
b3d44315
MV
27 </refmeta>
28
29 <!-- Man page title -->
30 <refnamediv>
31 <refname>apt-key</refname>
32 <refpurpose>APT key management utility</refpurpose>
33 </refnamediv>
34
6e8b4572 35 &synopsis-command-apt-key;
b3d44315
MV
36
37 <refsect1><title>Description</title>
38 <para>
39 <command>apt-key</command> is used to manage the list of keys used
40 by apt to authenticate packages. Packages which have been
41 authenticated using these keys will be considered trusted.
42 </para>
43</refsect1>
44
45<refsect1><title>Commands</title>
46 <variablelist>
2b9b27c3 47 <varlistentry><term><option>add</option> <option>&synopsis-param-filename;</option></term>
b3d44315
MV
48 <listitem>
49 <para>
c086ac18
DK
50 Add a new key to the list of trusted keys.
51 The key is read from the filename given with the parameter
52 &synopsis-param-filename; or if the filename is <literal>-</literal>
53 from standard input.
b3d44315
MV
54 </para>
55
56 </listitem>
57 </varlistentry>
58
2b9b27c3 59 <varlistentry><term><option>del</option> <option>&synopsis-param-keyid;</option></term>
b3d44315
MV
60 <listitem>
61 <para>
62
63 Remove a key from the list of trusted keys.
64
65 </para>
66
67 </listitem>
68 </varlistentry>
69
2b9b27c3 70 <varlistentry><term><option>export</option> <option>&synopsis-param-keyid;</option></term>
bf6d5b42
OS
71 <listitem>
72 <para>
73
6e8b4572 74 Output the key &synopsis-param-keyid; to standard output.
bf6d5b42
OS
75
76 </para>
77
78 </listitem>
79 </varlistentry>
80
2b9b27c3 81 <varlistentry><term><option>exportall</option></term>
bf6d5b42
OS
82 <listitem>
83 <para>
84
85 Output all trusted keys to standard output.
86
87 </para>
88
89 </listitem>
90 </varlistentry>
91
2b9b27c3 92 <varlistentry><term><option>list</option></term>
b3d44315
MV
93 <listitem>
94 <para>
95
96 List trusted keys.
d2793259 97
b3d44315
MV
98 </para>
99
a8cabc8f
LB
100 </listitem>
101 </varlistentry>
102
2b9b27c3 103 <varlistentry><term><option>finger</option></term>
a8cabc8f
LB
104 <listitem>
105 <para>
106
107 List fingerprints of trusted keys.
108
109 </para>
110
111 </listitem>
112 </varlistentry>
113
2b9b27c3 114 <varlistentry><term><option>adv</option></term>
a8cabc8f
LB
115 <listitem>
116 <para>
117
118 Pass advanced options to gpg. With adv --recv-key you can download the
119 public key.
120
121 </para>
122
b3d44315
MV
123 </listitem>
124 </varlistentry>
d2793259 125
2b9b27c3 126 <varlistentry><term><option>update</option></term>
d2793259
MV
127 <listitem>
128 <para>
129
00c6e1a3
MV
130 Update the local keyring with the archive keyring and remove from
131 the local keyring the archive keys which are no longer valid.
132 The archive keyring is shipped in the <literal>archive-keyring</literal> package of your
133 distribution, e.g. the <literal>debian-archive-keyring</literal> package in Debian.
d2793259
MV
134
135 </para>
136
137 </listitem>
138 </varlistentry>
f37e6374 139
2b9b27c3 140 <varlistentry><term><option>net-update</option></term>
f37e6374
JAK
141 <listitem>
142 <para>
143
6072cbe1
JR
144 Perform an update working similarly to the <command>update</command> command above,
145 but get the archive keyring from a URI instead and validate it against a master key.
00c6e1a3
MV
146
147 This requires an installed &wget; and an APT build configured to have
148 a server to fetch from and a master keyring to validate.
149
6072cbe1 150 APT in Debian does not support this command, relying on
00c6e1a3 151 <command>update</command> instead, but Ubuntu's APT does.
f37e6374
JAK
152
153 </para>
154
155 </listitem>
156 </varlistentry>
d2793259
MV
157 </variablelist>
158</refsect1>
159
46e39c8e
MV
160 <refsect1><title>Options</title>
161<para>Note that options need to be defined before the commands described in the previous section.</para>
162 <variablelist>
2b9b27c3 163 <varlistentry><term><option>--keyring</option> <option>&synopsis-param-filename;</option></term>
6072cbe1 164 <listitem><para>With this option it is possible to specify a particular keyring
46e39c8e
MV
165 file the command should operate on. The default is that a command is executed
166 on the <filename>trusted.gpg</filename> file as well as on all parts in the
2130caa8 167 <filename>trusted.gpg.d</filename> directory, though <filename>trusted.gpg</filename>
46e39c8e
MV
168 is the primary keyring which means that e.g. new keys are added to this one.
169 </para></listitem>
170 </varlistentry>
171 </variablelist>
172 </refsect1>
173
d2793259
MV
174 <refsect1><title>Files</title>
175 <variablelist>
46e39c8e
MV
176
177 &file-trustedgpg;
d2793259
MV
178
179 <varlistentry><term><filename>/etc/apt/trustdb.gpg</filename></term>
180 <listitem><para>Local trust database of archive keys.</para></listitem>
181 </varlistentry>
182
183 <varlistentry><term><filename>/usr/share/keyrings/debian-archive-keyring.gpg</filename></term>
184 <listitem><para>Keyring of Debian archive trusted keys.</para></listitem>
185 </varlistentry>
186
187 <varlistentry><term><filename>/usr/share/keyrings/debian-archive-removed-keys.gpg</filename></term>
188 <listitem><para>Keyring of Debian archive removed trusted keys.</para></listitem>
189 </varlistentry>
190
b3d44315 191 </variablelist>
d2793259 192
b3d44315
MV
193</refsect1>
194
d2793259
MV
195<refsect1><title>See Also</title>
196<para>
197&apt-get;, &apt-secure;
198</para>
199</refsect1>
b3d44315
MV
200
201 &manbugs;
202 &manauthor;
203
204</refentry>
205