DEBSIGS(1p) | User Contributed Perl Documentation | DEBSIGS(1p) |
debsigs - process signatures in .deb packages
debsigs --list|-l [-v] file [file...]
debsigs --sign=type [--default-key=keyID] [-v] file [file...]
debsigs --verify|--check|-c file [file...]
debsigs --delete=type file [file...]
debsigs is used to manipulate the cryptographic signatures stored inside a .deb file. It is not used to verify those signatures; for that purpose, see debsig-verify(1).
A Debian package may carry different types of signatures. The most commonly-used ones are:
The official signature of the organization which distributes the package, usually the Debian Project or a GNU/Linux distribution derived from it. This signature may be added automatically.
The signature of the maintainer of the Debian package. This signature should be added by the maintainer before uploading the package.
An automatically-added signature renewed periodically to ensure that a package downloaded from an online archive is indeed the latest version distributed by the organization.
See the /usr/share/doc/debsigs/signing-policy.txt file for more information and rationale for the different signature types.
It would be nice to have a command-line option to change the command used for signing, instead of hard-coding "gpg".
John Goerzen <jgoerzen@progenylinux.com>
2020-05-06 | perl v5.30.0 |