Provided by: debsigs_0.1.17_all bug

NAME

       debsigs - process signatures in .deb packages

SYNOPSIS

       debsigs --list|-l [-v] file [file...]

       debsigs --sign=type [--default-key=keyID] [-v] file [file...]

       debsigs --verify|--check|-c file [file...]

       debsigs --delete=type file [file...]

DESCRIPTION

       debsigs is used to manipulate the cryptographic signatures stored inside a .deb file.  It
       is not used to verify those signatures; for that purpose, see debsig-verify(1).

OPTIONS

       --list or -l or -t
            Lists the signatures found in the specified file.

       --sign=type
            Creates a new signature of the type specified in the given file.  The signature will
            be created using the default key for your GPG keyring.  See "SIGNATURE TYPES" below
            for possible values of the "type" field.

       --default-key=keyID
            Uses a key other than the default for signing the package.

       --secret-keyring=file or -K file
            Uses a keyring other than the default for signing the package.  This option is passed
            along to GPG verbatim; see the discussion in the gpg(1) manpage for information on
            how to specify the keyring file.

       -v   Displays verbose output.

       --verify or --check or -c
            Invokes debsig-verify to check the validity of the signature on this package.

       --delete=type
            Deletes the signature of the specified type from the package.

SIGNATURE TYPES

       A Debian package may carry different types of signatures.  The most commonly-used ones
       are:

       •   "origin"

           The official signature of the organization which distributes the package, usually the
           Debian Project or a GNU/Linux distribution derived from it.  This signature may be
           added automatically.

       •   "maint"

           The signature of the maintainer of the Debian package.  This signature should be added
           by the maintainer before uploading the package.

       •   "archive"

           An automatically-added signature renewed periodically to ensure that a package
           downloaded from an online archive is indeed the latest version distributed by the
           organization.

       See the /usr/share/doc/debsigs/signing-policy.txt file for more information and rationale
       for the different signature types.

FUTURE DIRECTIONS

       It would be nice to have a command-line option to change the command used for signing,
       instead of hard-coding "gpg".

AUTHOR

       John Goerzen <jgoerzen@progenylinux.com>

SEE ALSO

       debsig-verify(1), gpg(1)