Include:Abuild-keygen: Difference between revisions

From Alpine Linux
(fixed the command updated the help message as per current version)
(moved content from here to Abuild_and_Helpers#Signing_packages_and_indexes so this page can be transcluded wherever needed)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
For abuild a public/private rsa key pair is needed. The <code>abuild-keygen</code> command from {{pkg|abuild}} package generates and configures the security keys.
For abuild a public/private rsa key pair is needed. The <code>abuild-keygen</code> command from {{pkg|abuild}} package generates and configures the security keys.{{Cmd|$ abuild-keygen -a -i}}
 
{{Cmd|$ abuild-keygen -a -i}}
Options:
* '''-a, --append'''  Set PACKAGER_PRIVKEY=<generated key> in abuild.conf
* '''-i, --install'''  Install public key into /etc/apk/keys using doas/sudo
* '''-n'''  Non-interactive. Use defaults
* '''    --kernel '''        Generate a key for kernel modules
* ''' -b, --numbits [BITS]''' The size of the private key to generate in bits.
* '''-q'''  Quiet mode
* '''-h'''  Show this help
 
The public key should be distributed and installed into {{Path|/etc/apk/keys}} on the alpine box that will install the packages.  The private key, when created by <code>abuild</code>, is installed into {{Path|~/.abuild/abuild.conf}}. This basically means that the main developer's public keys should be in {{Path|/etc/apk/keys}} on all Alpine boxes.
 
<!--
==== Creating keys manually ====
 
In older versions of Alpine, we had to manually create keys for signing packages and indexes. This explains how. Nowadays you can just use <code>abuild-keygen</code>.
 
Since the public key needs to be unique for each developer, the email address should be used as name for the public key.
 
Create the private key:
{{cmd|openssl genrsa -out ''emailaddress.priv'' 2048}}
 
{{tip|Append ''-aes256'' if you want it encrypted, but then you'll need to enter the password for every package you sign}}
 
Create the public key:
{{cmd|openssl rsa -in ''emailaddress.priv'' -pubout -out /etc/apk/keys/''emailaddress''}}
 
-->

Latest revision as of 10:06, 14 March 2025

For abuild a public/private rsa key pair is needed. The abuild-keygen command from abuild package generates and configures the security keys.

$ abuild-keygen -a -i

Retrieved from "https://wiki.alpinelinux.org/w/index.php?title=Include:Abuild-keygen&oldid=29288"