vendors.list - Security key configuration for APT
The package vendor list contains a list of all vendors from whom you
wish to authenticate downloaded packages. For each vendor listed, it
must contain the corresponding PGP key fingerprint, so that APT can
perform signature verification of the release file and subsequent
checking of the checksums of each downloaded package. To have authentication
enabled, you must add the vendor identification string (see
below) enclosed in square braces to the sources.list line for all sites
that mirror the repository provided by that vendor.
The format of this file is similar to the one used by apt.conf. It consists
of an arbitrary number of blocks of vendors, where each block
starts with a string telling the key_type and the vendor_id.
Some vendors may have multiple blocks that define different security
policies for their distributions. Debian for instance uses a different
signing methodology for stable and unstable releases.
key_type is the type of the check required. Currently, there is only
one type available which is simple-key.
vendor_id is the vendor identification string. It is an arbitrary
string you must supply to uniquely identifify a vendor that's listed in
this file. Example:
Name "Joe Shmoe <email@example.com>";
This type of verification is used when the vendor has a single secured
key that must be used to sign the Release file. The following items
should be present
Fingerprint [Toc] [Back]
The PGP fingerprint for the key. The fingerprint should be
expressed in the standard notion with or without spaces. The
--fingerprint option for gpg(1) will show the fingerprint for
the selected keys(s).
Name A string containing a description of the owner of the key or
vendor. You may put the vendor name and it's email. The string
must be quoted with ".
See the APT bug page <URL:http://bugs.debian.org/apt>. If you wish to
report a bug in APT, please see /usr/share/doc/debian/bug-reporting.txt
or the bug(1) command.
APT was written by the APT team <firstname.lastname@example.org>.
12 March 2001 VENDORS.LIST(5)
[ Back ]