← 返回命令列表

Linux command

apt-key 命令

文本

复制后可按需替换文件名、目录或参数。

常用示例

List

apt-key list

Add

apt-key add [public_key_file.asc]

Delete

apt-key del [key_id]

Example

wget -qO - [https://host.tld/filename.key] | apt-key add -

Example

apt-key adv --keyserver pgp.mit.edu --recv [KEYID]

Export

apt-key exportall

Modern replacement

curl -fsSL [https://example.com/key.gpg] | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/[example].gpg

Modern replacement

echo "deb [signed-by=/usr/share/keyrings/[example].gpg] [https://repo.example.com] [stable] main" | sudo tee /etc/apt/sources.list.d/[example].list

说明

apt-key is a deprecated key management utility for the APT Package Manager on Debian and Ubuntu. It manages the list of keys used by apt to authenticate packages. Note: apt-key is deprecated since Debian 11 (Bullseye) and Ubuntu 22.04 (Jammy). The recommended approach is to place keyring files directly in /etc/apt/trusted.gpg.d/ (with .gpg or .asc extension) or in /usr/share/keyrings/ and reference them via the `signed-by` option in sources.list entries. Only `apt-key del` remains supported for use in maintainer scripts.

参数

list
List all trusted keys with fingerprints
add file
Add a new key to the list of trusted keys
del keyid
Remove a key from the list of trusted keys
adv
Pass advanced options to gpg
update
Update the local keyring with the archive keyring
net-update
Update the local keyring, fetching missing keys from a keyserver
export keyid
Output the key to standard output
exportall
Output all trusted keys to standard output
finger
List fingerprints of trusted keys (deprecated)
--keyring _filename_
Operate on a specific keyring file (deprecated)

FAQ

What is the apt-key command used for?

apt-key is a deprecated key management utility for the APT Package Manager on Debian and Ubuntu. It manages the list of keys used by apt to authenticate packages. Note: apt-key is deprecated since Debian 11 (Bullseye) and Ubuntu 22.04 (Jammy). The recommended approach is to place keyring files directly in /etc/apt/trusted.gpg.d/ (with .gpg or .asc extension) or in /usr/share/keyrings/ and reference them via the `signed-by` option in sources.list entries. Only `apt-key del` remains supported for use in maintainer scripts.

How do I run a basic apt-key example?

Run `apt-key list` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does list do in apt-key?

List all trusted keys with fingerprints