1VENDORS.LIST(5)                                                VENDORS.LIST(5)
2
3
4

NAME

6       vendors.list - Security key configuration for APT
7

DESCRIPTION

9       The  package  vendor  list contains a list of all vendors from whom you
10       wish to  authenticate  downloaded  packages.  For each  vendor  listed,
11       it  must  contain  the  corresponding PGP key fingerprint, so that  APT
12       can  perform  signature verification  of the release  file  and  subse‐
13       quent  checking of the checksums of each  downloaded  package.  To have
14       authentication enabled, you must add the vendor  identification  string
15       (see  below) enclosed in square braces to the sources.list line for all
16       sites that mirror the repository provided by that vendor.
17
18       The format of this file is similar  to  the  one   used   by  apt.conf.
19       It  consists  of  an  arbitrary number of blocks of vendors, where each
20       block starts with a string telling the key_type and the vendor_id.
21
22       Some vendors may have multiple blocks that  define  different  security
23       policies  for their distributions. Debian for instance uses a different
24       signing methodology for stable and unstable releases.
25
26       key_type is the type of the check required.  Currently, there  is  only
27       one type available which is simple-key.
28
29       vendor_id  is  the  vendor  identification  string.  It is an arbitrary
30       string you must supply to uniquely identifify a vendor that's listed in
31       this file.  Example:
32
33       simple-key "joe"
34       {
35          Fingerprint "0987AB4378FSD872343298787ACC";
36          Name "Joe Shmoe <joe@shmoe.com>";
37       }
38

THE SIMPLE-KEY TYPE

40       This  type of verification is used when the vendor has a single secured
41       key that must be used to sign the Release  file.  The  following  items
42       should be present
43
44       Fingerprint
45              The  PGP  fingerprint  for  the  key.  The fingerprint should be
46              expressed in the standard notion with or  without  spaces.   The
47              --fingerprint  option  for  gpg(1) will show the fingerprint for
48              the selected keys(s).
49
50       Name   A string containing a description of the owner of the   key   or
51              vendor.   You may put the vendor name and it's email. The string
52              must be quoted with ".
53

FILES

55       /etc/apt/vendors.list
56

SEE ALSO

58       sources.list(5)
59

BUGS

61       See the APT bug page <URL:http://bugs.debian.org/src:apt>.  If you wish
62       to  report  a  bug in APT, please see /usr/share/doc/debian/bug-report‐
63       ing.txt or the reportbug(1) command.
64

AUTHOR

66       APT was written by the APT team <apt@packages.debian.org>.
67
68
69
70                                02 August 2007                 VENDORS.LIST(5)
Impressum