Provided by: debsigs_0.2.2-1_all bug

NAME
       debsigs - process signatures in .deb packages


SYNOPSIS
       debsigs --list|-l [-v] file [file...]

       debsigs --sign=type [--default-key=keyID] [-v] file [file...]

       debsigs --verify|--check|-c file [file...]

       debsigs --delete=type file [file...]


DESCRIPTION
       debsigs is used to manipulate the cryptographic signatures stored inside a .deb file.  It is not used to
       verify those signatures; for that purpose, see debsig-verify(1).


OPTIONS
       --list or -l or -t
            Lists the signatures found in the specified file.

       --sign=type
            Creates  a  new  signature  of  the type specified in the given file.  The signature will be created
            using the default key for your GPG keyring.  See "SIGNATURE TYPES" below for possible values of  the
            "type" field.

       --default-key=keyID
            Uses a key other than the default for signing the package.

       --secret-keyring=file or -K file
            Uses  a  keyring other than the default for signing the package.  This option is passed along to GPG
            verbatim; see the discussion in the gpg(1) manpage for information on how  to  specify  the  keyring
            file.

       -v   Displays verbose output.

       --verify or --check or -c
            Invokes debsig-verify to check the validity of the signature on this package.

       --delete=type
            Deletes the signature of the specified type from the package.


SIGNATURE TYPES
       A Debian package may carry different types of signatures.  The most commonly-used ones are:

       •   "origin"

           The  official signature of the organization which distributes the package, usually the Debian Project
           or a GNU/Linux distribution derived from it.  This signature may be added automatically.

       •   "maint"

           The signature of the maintainer of the Debian  package.   This  signature  should  be  added  by  the
           maintainer before uploading the package.

       •   "archive"

           An  automatically-added  signature  renewed  periodically to ensure that a package downloaded from an
           online archive is indeed the latest version distributed by the organization.

       See the /usr/share/doc/debsigs/signing-policy.txt  file  for  more  information  and  rationale  for  the
       different signature types.


FUTURE DIRECTIONS
       It  would  be nice to have a command-line option to change the command used for signing, instead of hard-
       coding "gpg".


AUTHOR
       John Goerzen <jgoerzen@progenylinux.com>


SEE ALSO
       debsig-verify(1), gpg(1)

perl v5.40.0                                       2024-11-22                                        DEBSIGS(1p)