Commit f77ea823 authored by David Kalnischkies's avatar David Kalnischkies

document which keyring formats are supported by apt-key

* the good old 'simple' keyring format
* the ascii armored variant since 1.4

Not supported is the (new in gpg 2.1) keybox format.

Closes: 844724
parent 2906182d
...@@ -47,6 +47,20 @@ ...@@ -47,6 +47,20 @@
</para> </para>
</refsect1> </refsect1>
<refsect1><title>Supported keyring files</title>
<para>apt-key supports only the binary OpenPGP format (also known as "GPG key
public ring") in files with the "<literal>gpg</literal>" extension, not
the keybox database format introduced in newer &gpg; versions as default
for keyring files. Binary keyring files intended to be used with any apt
version should therefore always be created with <command>gpg --export</command>.
</para>
<para>Alternatively, if all systems which should be using the created keyring
have at least apt version >= 1.4 installed, you can use the ASCII armored
format with the "<literal>asc</literal>" extension instead which can be
created with <command>gpg --armor --export</command>.
</para>
</refsect1>
<refsect1><title>Commands</title> <refsect1><title>Commands</title>
<variablelist> <variablelist>
<varlistentry><term><option>add</option> <option>&synopsis-param-filename;</option></term> <varlistentry><term><option>add</option> <option>&synopsis-param-filename;</option></term>
...@@ -63,10 +77,10 @@ ...@@ -63,10 +77,10 @@
otherwise the &apt-secure; infrastructure is completely undermined. otherwise the &apt-secure; infrastructure is completely undermined.
</para> </para>
<para> <para>
Instead of using this command a keyring can be placed directly in the <emphasis>Note</emphasis>: Instead of using this command a keyring
<filename>/etc/apt/trusted.gpg.d/</filename> directory with a descriptive name should be placed directly in the <filename>/etc/apt/trusted.gpg.d/</filename>
(same rules for filename apply as for &apt-conf; files) and "<literal>gpg</literal>" directory with a descriptive name and either "<literal>gpg</literal>" or
as file extension. "<literal>asc</literal>" as file extension.
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
...@@ -139,7 +153,7 @@ ...@@ -139,7 +153,7 @@
<para> <para>
Note that a distribution does not need to and in fact should not use Note that a distribution does not need to and in fact should not use
this command any longer and instead ship keyring files in the this command any longer and instead ship keyring files in the
<filename>/etc/apt/trusted.gpg</filename> directory directly as this <filename>/etc/apt/trusted.gpg.d/</filename> directory directly as this
avoids a dependency on <package>gnupg</package> and it is easier to manage avoids a dependency on <package>gnupg</package> and it is easier to manage
keys by simply adding and removing files for maintainers and users alike. keys by simply adding and removing files for maintainers and users alike.
</para> </para>
......
...@@ -2015,7 +2015,7 @@ msgstr "" ...@@ -2015,7 +2015,7 @@ msgstr ""
msgid "" msgid ""
"Note that a distribution does not need to and in fact should not use this " "Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the " "command any longer and instead ship keyring files in the "
"<filename>/etc/apt/trusted.gpg</filename> directory directly as this avoids " "<filename>/etc/apt/trusted.gpg.d/</filename> directory directly as this avoids "
"a dependency on <package>gnupg</package> and it is easier to manage keys by " "a dependency on <package>gnupg</package> and it is easier to manage keys by "
"simply adding and removing files for maintainers and users alike." "simply adding and removing files for maintainers and users alike."
msgstr "" msgstr ""
......
...@@ -2833,13 +2833,13 @@ msgstr "" ...@@ -2833,13 +2833,13 @@ msgstr ""
msgid "" msgid ""
"Note that a distribution does not need to and in fact should not use this " "Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/" "command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on " "trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding " "<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike." "and removing files for maintainers and users alike."
msgstr "" msgstr ""
"Beachten Sie, dass eine Distribution diesen Befehl nicht benötigt und " "Beachten Sie, dass eine Distribution diesen Befehl nicht benötigt und "
"tatsächlich nicht länger nutzen sollte. Sie sollte stattdessen " "tatsächlich nicht länger nutzen sollte. Sie sollte stattdessen "
"Schlüsselbunddateien im Verzeichnis <filename>/etc/apt/trusted.gpg</" "Schlüsselbunddateien im Verzeichnis <filename>/etc/apt/trusted.gpg.d/</"
"filename> direkt mitliefern, da dies eine Abhängigkeit von <package>gnupg</" "filename> direkt mitliefern, da dies eine Abhängigkeit von <package>gnupg</"
"package> vermeidet und die Verwaltung von Schlüsseln durch einfaches " "package> vermeidet und die Verwaltung von Schlüsseln durch einfaches "
"Hinzufügen und Entfernen von Dateien für Paketbetreuer und Anwender " "Hinzufügen und Entfernen von Dateien für Paketbetreuer und Anwender "
......
...@@ -2890,7 +2890,7 @@ msgstr "" ...@@ -2890,7 +2890,7 @@ msgstr ""
msgid "" msgid ""
"Note that a distribution does not need to and in fact should not use this " "Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/" "command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on " "trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding " "<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike." "and removing files for maintainers and users alike."
msgstr "" msgstr ""
......
...@@ -2819,7 +2819,7 @@ msgstr "" ...@@ -2819,7 +2819,7 @@ msgstr ""
msgid "" msgid ""
"Note that a distribution does not need to and in fact should not use this " "Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/" "command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on " "trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding " "<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike." "and removing files for maintainers and users alike."
msgstr "" msgstr ""
......
...@@ -2863,7 +2863,7 @@ msgstr "" ...@@ -2863,7 +2863,7 @@ msgstr ""
msgid "" msgid ""
"Note that a distribution does not need to and in fact should not use this " "Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/" "command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on " "trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding " "<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike." "and removing files for maintainers and users alike."
msgstr "" msgstr ""
......
...@@ -2760,7 +2760,7 @@ msgstr "" ...@@ -2760,7 +2760,7 @@ msgstr ""
msgid "" msgid ""
"Note that a distribution does not need to and in fact should not use this " "Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/" "command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on " "trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding " "<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike." "and removing files for maintainers and users alike."
msgstr "" msgstr ""
......
...@@ -2907,13 +2907,13 @@ msgstr "" ...@@ -2907,13 +2907,13 @@ msgstr ""
msgid "" msgid ""
"Note that a distribution does not need to and in fact should not use this " "Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/" "command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on " "trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding " "<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike." "and removing files for maintainers and users alike."
msgstr "" msgstr ""
"Merk op dat een distributie dit commando niet langer hoeft en ook niet zou " "Merk op dat een distributie dit commando niet langer hoeft en ook niet zou "
"mogen gebruiken. In plaats daarvan moeten rechtstreeks sleutelbosbestanden " "mogen gebruiken. In plaats daarvan moeten rechtstreeks sleutelbosbestanden "
"meegeleverd worden in de map <filename>/etc/apt/trusted.gpg</filename>. Dit " "meegeleverd worden in de map <filename>/etc/apt/trusted.gpg.d/</filename>. Dit "
"voorkomt dat het pakket <package>gnupg</package> een vereiste is, en zowel " "voorkomt dat het pakket <package>gnupg</package> een vereiste is, en zowel "
"voor pakketonderhouders als voor gebruikers is het makkelijker om sleutels " "voor pakketonderhouders als voor gebruikers is het makkelijker om sleutels "
"te beheren door eenvoudigweg bestanden toe te voegen of te verwijderen." "te beheren door eenvoudigweg bestanden toe te voegen of te verwijderen."
......
...@@ -2935,7 +2935,7 @@ msgstr "" ...@@ -2935,7 +2935,7 @@ msgstr ""
msgid "" msgid ""
"Note that a distribution does not need to and in fact should not use this " "Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/" "command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on " "trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding " "<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike." "and removing files for maintainers and users alike."
msgstr "" msgstr ""
......
...@@ -2831,7 +2831,7 @@ msgstr "" ...@@ -2831,7 +2831,7 @@ msgstr ""
msgid "" msgid ""
"Note that a distribution does not need to and in fact should not use this " "Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/" "command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on " "trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding " "<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike." "and removing files for maintainers and users alike."
msgstr "" msgstr ""
......
...@@ -1981,7 +1981,7 @@ msgstr "" ...@@ -1981,7 +1981,7 @@ msgstr ""
msgid "" msgid ""
"Note that a distribution does not need to and in fact should not use this " "Note that a distribution does not need to and in fact should not use this "
"command any longer and instead ship keyring files in the <filename>/etc/apt/" "command any longer and instead ship keyring files in the <filename>/etc/apt/"
"trusted.gpg</filename> directory directly as this avoids a dependency on " "trusted.gpg.d/</filename> directory directly as this avoids a dependency on "
"<package>gnupg</package> and it is easier to manage keys by simply adding " "<package>gnupg</package> and it is easier to manage keys by simply adding "
"and removing files for maintainers and users alike." "and removing files for maintainers and users alike."
msgstr "" msgstr ""
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment