doc/apt-key.8.xml

   1 <?xml version="1.0" encoding="utf-8" standalone="no"?>
   2 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
   3   "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
   4
   5 <!ENTITY % aptent SYSTEM "apt.ent">
   6 %aptent;
   7
   8 ]>
   9
  10 <refentry>
  11  &apt-docinfo;
  12
  13  <refmeta>
  14    <refentrytitle>apt-key</refentrytitle>
  15    <manvolnum>8</manvolnum>
  16    <refmiscinfo class="manual">APT</refmiscinfo>
  17  </refmeta>
  18
  19  <!-- Man page title -->
  20  <refnamediv>
  21     <refname>apt-key</refname>
  22     <refpurpose>APT key management utility</refpurpose>
  23  </refnamediv>
  24
  25  <!-- Arguments -->
  26  <refsynopsisdiv>
  27    <cmdsynopsis>
  28       <command>apt-key</command>
  29       <arg><option>--keyring <replaceable>filename</replaceable></option></arg>
  30       <arg><replaceable>command</replaceable></arg>
  31       <arg rep="repeat"><option><replaceable>arguments</replaceable></option></arg>
  32    </cmdsynopsis>
  33  </refsynopsisdiv>
  34
  35  <refsect1><title>Description</title>
  36    <para>
  37    <command>apt-key</command> is used to manage the list of keys used
  38    by apt to authenticate packages.  Packages which have been
  39    authenticated using these keys will be considered trusted.
  40    </para>
  41 </refsect1>
  42
  43 <refsect1><title>Commands</title>
  44    <variablelist>
  45      <varlistentry><term>add <replaceable>filename</replaceable></term>
  46      <listitem>
  47      <para>
  48
  49        Add a new key to the list of trusted keys.  The key is read
  50        from <replaceable>filename</replaceable>, or standard input if
  51        <replaceable>filename</replaceable> is <literal>-</literal>.
  52      </para>
  53
  54      </listitem>
  55      </varlistentry>
  56
  57      <varlistentry><term>del <replaceable>keyid</replaceable></term>
  58      <listitem>
  59      <para>
  60
  61        Remove a key from the list of trusted keys.
  62
  63      </para>
  64
  65      </listitem>
  66      </varlistentry>
  67
  68      <varlistentry><term>export <replaceable>keyid</replaceable></term>
  69      <listitem>
  70      <para>
  71
  72         Output the key <replaceable>keyid</replaceable> to standard output.
  73
  74      </para>
  75
  76      </listitem>
  77      </varlistentry>
  78
  79      <varlistentry><term>exportall</term>
  80      <listitem>
  81      <para>
  82
  83         Output all trusted keys to standard output.
  84
  85      </para>
  86
  87      </listitem>
  88      </varlistentry>
  89
  90      <varlistentry><term>list</term>
  91      <listitem>
  92      <para>
  93
  94        List trusted keys.
  95
  96      </para>
  97
  98      </listitem>
  99      </varlistentry>
 100
 101          <varlistentry><term>finger</term>
 102      <listitem>
 103      <para>
 104
 105      List fingerprints of trusted keys.
 106
 107      </para>
 108
 109      </listitem>
 110      </varlistentry>
 111
 112          <varlistentry><term>adv</term>
 113      <listitem>
 114      <para>
 115
 116      Pass advanced options to gpg. With adv --recv-key you can download the
 117          public key.
 118
 119      </para>
 120
 121      </listitem>
 122      </varlistentry>
 123
 124      <varlistentry><term>update</term>
 125      <listitem>
 126      <para>
 127
 128        Update the local keyring with the keyring of Debian archive
 129        keys and removes from the keyring the archive keys which are no
 130        longer valid.
 131
 132      </para>
 133
 134      </listitem>
 135      </varlistentry>
 136    </variablelist>
 137 </refsect1>
 138
 139  <refsect1><title>Options</title>
 140 <para>Note that options need to be defined before the commands described in the previous section.</para>
 141    <variablelist>
 142       <varlistentry><term>--keyring <replaceable>filename</replaceable></term>
 143       <listitem><para>With this option it is possible to specify a specific keyring
 144       file the command should operate on. The default is that a command is executed
 145       on the <filename>trusted.gpg</filename> file as well as on all parts in the
 146       <filename>trusted.gpg.d</filename> directory, through <filename>trusted.gpg</filename>
 147       is the primary keyring which means that e.g. new keys are added to this one.
 148       </para></listitem>
 149       </varlistentry>
 150    </variablelist>
 151  </refsect1>
 152
 153  <refsect1><title>Files</title>
 154    <variablelist>
 155
 156      &file-trustedgpg;
 157
 158      <varlistentry><term><filename>/etc/apt/trustdb.gpg</filename></term>
 159      <listitem><para>Local trust database of archive keys.</para></listitem>
 160      </varlistentry>
 161
 162      <varlistentry><term><filename>/usr/share/keyrings/debian-archive-keyring.gpg</filename></term>
 163      <listitem><para>Keyring of Debian archive trusted keys.</para></listitem>
 164      </varlistentry>
 165
 166      <varlistentry><term><filename>/usr/share/keyrings/debian-archive-removed-keys.gpg</filename></term>
 167      <listitem><para>Keyring of Debian archive removed trusted keys.</para></listitem>
 168      </varlistentry>
 169
 170    </variablelist>
 171
 172 </refsect1>
 173
 174 <refsect1><title>See Also</title>
 175 <para>
 176 &apt-get;, &apt-secure;
 177 </para>
 178 </refsect1>
 179
 180  &manbugs;
 181  &manauthor;
 182
 183 </refentry>
 184