Include:Abuild-keygen: Difference between revisions
(Created page with "{{Cmd|abuild-keygen -a -i}} '''abuild-keygen options''' * '''-h''' Show this help") |
(add category package manager) |
||
| (7 intermediate revisions by 4 users not shown) | |||
| Line 1: | Line 1: | ||
For abuild a public/private rsa key pair is needed. <tt>abuild-keygen</tt> does the generation of those keys for you. | |||
{{Cmd|abuild-keygen -a -i}} | {{Cmd|abuild-keygen -a -i}} | ||
'''abuild-keygen options''' | '''abuild-keygen options''' | ||
* '''-a''' Set PACKAGER_PRIVKEY=<generated key> in abuild.conf | |||
* '''-i''' Install public key into /etc/apk/keys using sudo | |||
* '''-h''' Show this help | * '''-h''' Show this help | ||
* '''-n''' Non-interactive. Use defaults | |||
* '''-q''' Quiet mode | |||
==== Creating keys manually ==== | |||
In older versions of Alpine, we had to manually create keys for signing packages and indexes. This explains how. Nowadays you can just use <code>abuild-keygen</code>. | |||
Since the public key needs to be unique for each developer, the email address should be used as name for the public key. | |||
Create the private key: | |||
{{cmd|openssl genrsa -out ''emailaddress.priv'' 2048}} | |||
{{tip|Append ''-aes256'' if you want it encrypted, but then you'll need to enter the password for every package you sign}} | |||
Create the public key: | |||
{{cmd|openssl rsa -in ''emailaddress.priv'' -pubout -out /etc/apk/keys/''emailaddress''}} | |||
The public key should be distributed and installed into {{Path|/etc/apk/keys}} on the alpine box that will install the packages. The private key, when created by <code>abuild</code>, is installed into {{Path|~/.abuild/$something.rsa}}. This basically means that the main developer's public keys should be in {{Path|/etc/apk/keys}} on all Alpine boxes. | |||
[[Category:Development]] | |||
[[Category:Package Manager]] | |||
Latest revision as of 01:07, 25 August 2023
For abuild a public/private rsa key pair is needed. abuild-keygen does the generation of those keys for you.
abuild-keygen -a -i
abuild-keygen options
- -a Set PACKAGER_PRIVKEY=<generated key> in abuild.conf
- -i Install public key into /etc/apk/keys using sudo
- -h Show this help
- -n Non-interactive. Use defaults
- -q Quiet mode
Creating keys manually
In older versions of Alpine, we had to manually create keys for signing packages and indexes. This explains how. Nowadays you can just use abuild-keygen.
Since the public key needs to be unique for each developer, the email address should be used as name for the public key.
Create the private key:
openssl genrsa -out emailaddress.priv 2048
Create the public key:
openssl rsa -in emailaddress.priv -pubout -out /etc/apk/keys/emailaddress
The public key should be distributed and installed into /etc/apk/keys on the alpine box that will install the packages. The private key, when created by abuild, is installed into ~/.abuild/$something.rsa. This basically means that the main developer's public keys should be in /etc/apk/keys on all Alpine boxes.