Commit f77ea823 authored by David Kalnischkies's avatar David Kalnischkies

document which keyring formats are supported by apt-key

* the good old 'simple' keyring format
* the ascii armored variant since 1.4

Not supported is the (new in gpg 2.1) keybox format.

Closes: 844724
parent 2906182d
......@@ -47,6 +47,20 @@
</para>
</refsect1>
<refsect1><title>Supported keyring files</title>
<para>apt-key supports only the binary OpenPGP format (also known as "GPG key
public ring") in files with the "<literal>gpg</literal>" extension, not
the keybox database format introduced in newer &gpg; versions as default
for keyring files. Binary keyring files intended to be used with any apt
version should therefore always be created with <command>gpg --export</command>.
</para>
<para>Alternatively, if all systems which should be using the created keyring
have at least apt version >= 1.4 installed, you can use the ASCII armored
format with the "<literal>asc</literal>" extension instead which can be
created with <command>gpg --armor --export</command>.
</para>
</refsect1>
<refsect1><title>Commands</title>
<variablelist>
<varlistentry><term><option>add</option> <option>&synopsis-param-filename;</option></term>
......@@ -63,10 +77,10 @@
otherwise the &apt-secure; infrastructure is completely undermined.
</para>
<para>
Instead of using this command a keyring can be placed directly in the
<filename>/etc/apt/trusted.gpg.d/</filename> directory with a descriptive name
(same rules for filename apply as for &apt-conf; files) and "<literal>gpg</literal>"
as file extension.
<emphasis>Note</emphasis>: Instead of using this command a keyring
should be placed directly in the <filename>/etc/apt/trusted.gpg.d/</filename>
directory with a descriptive name and either "<literal>gpg</literal>" or
"<literal>asc</literal>" as file extension.
</para>
</listitem>
</varlistentry>
......@@ -139,7 +153,7 @@
<para>
Note that a distribution does not need to and in fact should not use
this command any longer and instead ship keyring files in the
<filename>/etc/apt/trusted.gpg</filename> directory directly as this
<filename>/etc/apt/trusted.gpg.d/</filename> directory directly as this
avoids a dependency on <package>gnupg</package> and it is easier to manage
keys by simply adding and removing files for maintainers and users alike.
</para>
......
......@@ -2015,7 +2015,7 @@ msgstr ""
msgid ""
"Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the "
"<filename>/etc/apt/trusted.gpg</filename> directory directly as this avoids "
"<filename>/etc/apt/trusted.gpg.d/</filename> directory directly as this avoids "
"a dependency on <package>gnupg</package> and it is easier to manage keys by "
"simply adding and removing files for maintainers and users alike."
msgstr ""
......
......@@ -2833,13 +2833,13 @@ msgstr ""
msgid ""
"Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on "
"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike."
msgstr ""
"Beachten Sie, dass eine Distribution diesen Befehl nicht benötigt und "
"tatsächlich nicht länger nutzen sollte. Sie sollte stattdessen "
"Schlüsselbunddateien im Verzeichnis <filename>/etc/apt/trusted.gpg</"
"Schlüsselbunddateien im Verzeichnis <filename>/etc/apt/trusted.gpg.d/</"
"filename> direkt mitliefern, da dies eine Abhängigkeit von <package>gnupg</"
"package> vermeidet und die Verwaltung von Schlüsseln durch einfaches "
"Hinzufügen und Entfernen von Dateien für Paketbetreuer und Anwender "
......
......@@ -2890,7 +2890,7 @@ msgstr ""
msgid ""
"Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on "
"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike."
msgstr ""
......
......@@ -2819,7 +2819,7 @@ msgstr ""
msgid ""
"Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on "
"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike."
msgstr ""
......
......@@ -2863,7 +2863,7 @@ msgstr ""
msgid ""
"Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on "
"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike."
msgstr ""
......
......@@ -2760,7 +2760,7 @@ msgstr ""
msgid ""
"Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on "
"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike."
msgstr ""
......
......@@ -2907,13 +2907,13 @@ msgstr ""
msgid ""
"Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on "
"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike."
msgstr ""
"Merk op dat een distributie dit commando niet langer hoeft en ook niet zou "
"mogen gebruiken. In plaats daarvan moeten rechtstreeks sleutelbosbestanden "
"meegeleverd worden in de map <filename>/etc/apt/trusted.gpg</filename>. Dit "
"meegeleverd worden in de map <filename>/etc/apt/trusted.gpg.d/</filename>. Dit "
"voorkomt dat het pakket <package>gnupg</package> een vereiste is, en zowel "
"voor pakketonderhouders als voor gebruikers is het makkelijker om sleutels "
"te beheren door eenvoudigweg bestanden toe te voegen of te verwijderen."
......
......@@ -2935,7 +2935,7 @@ msgstr ""
msgid ""
"Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on "
"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike."
msgstr ""
......
......@@ -2831,7 +2831,7 @@ msgstr ""
msgid ""
"Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on "
"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike."
msgstr ""
......
......@@ -1981,7 +1981,7 @@ msgstr ""
msgid ""
"Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on "
"trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike."
msgstr ""
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment