1VENDORS.LIST(5)                  vendors.list                  VENDORS.LIST(5)
2
3
4

NAME

6       vendors.list - Security key configuration for APT
7
8

DESCRIPTION

10       The  package  vendor  list contains a list of all vendors from whom you
11       wish to
12        authenticate  downloaded  packages.  For each vendor listed,  it  must
13       contain  the corresponding PGP key fingerprint, so that  APT  can  per‐
14       form  signature verification  of the release file and subsequent check‐
15       ing of the checksums of each  downloaded  package.  To have authentica‐
16       tion enabled, you must  add  the  vendor  identification  string   (see
17       below)  enclosed  in  square braces to the sources.list(5) line for all
18       sites that mirror the repository provided by that vendor.
19
20       The format of this file is similar  to  the  one  used  by apt.conf(5).
21       It  consists  of  an  arbitrary number of blocks of vendors, where each
22       block starts with a string telling the key_type and the vendor_id.
23
24       Some vendors may have multiple blocks that  define  different  security
25       policies for their distributions.  Debian for instance uses a different
26       signing methodology for stable and unstable releases.
27
28       key_type is the type of the check required.  Currently, there  is  only
29       one type available which is simple-key.
30
31       vendor_id  is  the  vendor  identification  string.  It is an arbitrary
32       string you must supply to uniquely identify a vendor that's  listed  in
33       this file.
34
35       Example:
36
37              simple-key "joe"
38              {
39                 Fingerprint "0987AB4378FSD872343298787ACC";
40                 Name "Joe Shmoe <joe@shmoe.com>";
41              }
42
43

THE SIMPLE-KEY TYPE

45       This  type of verification is used when the vendor has a single secured
46       key that must be used to sign the Release file.   The  following  items
47       should be present
48
49
50       Fingerprint
51              The  PGP  fingerprint  for  the  key.  The fingerprint should be
52              expressed in the standard notion with or  without  spaces.   The
53              --fingerprint  option  for  gpg(1) will show the fingerprint for
54              the selected keys(s).
55
56
57       Name   A string containing a description of the owner of the   key   or
58              vendor.    You  may  put  the vendor name and email.  The string
59              must be entirely within double-quotes (").
60
61

FILES

63       /etc/apt/vendors.list
64
65

SEE ALSO

67       sources.list(5)
68
69

BUGS

71       Reporting bugs in APT-RPM is best done in the  APT-RPM  mailinglist  at
72       http://apt-rpm.org/mailinglist.shtml.
73
74

AUTHOR

76       Maintainer and contributor information can be found in the credits page
77       http://apt-rpm.org/about.shtml of APT-RPM.
78
79
80
81APT-RPM                           14 Jun 2006                  VENDORS.LIST(5)