Creating keys for package signing: Difference between revisions
(→Creating keys for package signing: Typo fixes and using some wiki templates) |
(One title is enough ...) |
||
Line 1: | Line 1: | ||
This document describes how to create a public and a private key for signing of packages and indexes. The public key should be distributed and installed into /etc/apk/keys on the alpine box that will install the packages. This basically means that the main developers public keys should be in /etc/apk/keys on all alpine boxes. | This document describes how to create a public and a private key for signing of packages and indexes. The public key should be distributed and installed into /etc/apk/keys on the alpine box that will install the packages. This basically means that the main developers public keys should be in /etc/apk/keys on all alpine boxes. | ||
Line 7: | Line 6: | ||
{{cmd|openssl genrsa -out ''emailaddress.priv'' 2048}} | {{cmd|openssl genrsa -out ''emailaddress.priv'' 2048}} | ||
{{tip|Append -aes256 if you want it encrypted, but then you'll need to enter the password for every package you sign}} | {{tip|Append ''-aes256'' if you want it encrypted, but then you'll need to enter the password for every package you sign}} | ||
== Creating the public key == | == Creating the public key == | ||
{{cmd|openssl rsa -in ''emailaddress.priv'' -pubout -out /etc/apk/keys/''emailaddress''}} | {{cmd|openssl rsa -in ''emailaddress.priv'' -pubout -out /etc/apk/keys/''emailaddress''}} |
Revision as of 13:54, 27 April 2010
This document describes how to create a public and a private key for signing of packages and indexes. The public key should be distributed and installed into /etc/apk/keys on the alpine box that will install the packages. This basically means that the main developers public keys should be in /etc/apk/keys on all alpine boxes.
Since the public key needs to be unique for each developer the email address should be used as name for the public key.
Create the private key
openssl genrsa -out emailaddress.priv 2048
Tip: Append -aes256 if you want it encrypted, but then you'll need to enter the password for every package you sign
Creating the public key
openssl rsa -in emailaddress.priv -pubout -out /etc/apk/keys/emailaddress