Include:Abuild-keygen: Difference between revisions

Latest revision as of 10:06, 14 March 2025

For abuild a public/private rsa key pair is needed. The abuild-keygen command from abuild package generates and configures the security keys.

$ abuild-keygen -a -i

@@ Line 1: / Line 1: @@
-For abuild a public/private rsa key pair is needed. The <code>abuild-keygen</code> command from {{pkg|abuild}} package generates and configures the security keys.
+For abuild a public/private rsa key pair is needed. The <code>abuild-keygen</code> command from {{pkg|abuild}} package generates and configures the security keys.{{Cmd|$ abuild-keygen -a -i}}
-{{Cmd|$ doas abuild-keygen -a -i}}
-'''abuild-keygen options'''
-* '''-a'''  Set PACKAGER_PRIVKEY=<generated key> in abuild.conf
-* '''-i'''  Install public key into /etc/apk/keys using sudo
-* '''-h'''  Show this help
-* '''-n'''  Non-interactive. Use defaults
-* '''-q'''  Quiet mode
-<!--
-==== Creating keys manually ====
-In older versions of Alpine, we had to manually create keys for signing packages and indexes. This explains how. Nowadays you can just use <code>abuild-keygen</code>.
-Since the public key needs to be unique for each developer, the email address should be used as name for the public key.
-Create the private key:
-{{cmd|openssl genrsa -out ''emailaddress.priv'' 2048}}
-{{tip|Append ''-aes256'' if you want it encrypted, but then you'll need to enter the password for every package you sign}}
-Create the public key:
-{{cmd|openssl rsa -in ''emailaddress.priv'' -pubout -out /etc/apk/keys/''emailaddress''}}
-The public key should be distributed and installed into {{Path|/etc/apk/keys}} on the alpine box that will install the packages.  The private key, when created by <code>abuild</code>, is installed into {{Path|~/.abuild/$something.rsa}}. This basically means that the main developer's public keys should be in {{Path|/etc/apk/keys}} on all Alpine boxes.
--->