Bug#441942: [PATCH] apt-key should allow exporting trusted keys
Package: apt
Version: 0.6.46.2
Severity: wishlist
Tags: patch
apt-key should support exporting both particular trusted keys, and the
entire list of trusted keys. This would allow an administrator to copy the
list of trusted keys from one machine to another by doing:
apt-key exportall | ssh remotehost.example.com "apt-key add -"
It would also allow exporting particular public keys, like so:
apt-key export 2D230C5F | ssh remotehost.example.com "apt-key add -"
The attached patch adds this functionality.
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16.29-xenU
Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to en_CA.UTF-8)
Versions of packages apt depends on:
ii debian-archive-keyring 2007.02.19 GnuPG archive keys of the Debian a
ii libc6 2.6.1-1+b1 GNU C Library: Shared libraries
ii libgcc1 1:4.2-20070516-1 GCC support library
ii libstdc++6 4.2-20070516-1 The GNU Standard C++ Library v3
apt recommends no packages.
diff -ru orig/apt-0.7.6/cmdline/apt-key apt-0.7.6/cmdline/apt-key
--- orig/apt-0.7.6/cmdline/apt-key 2007-07-24 06:33:29.000000000 -0600
+++ apt-0.7.6/cmdline/apt-key 2007-09-11 18:00:19.000000000 -0600
@@ -39,6 +39,8 @@
echo
echo " apt-key add <file> - add the key contained in <file> ('-' for stdin)"
echo " apt-key del <keyid> - remove the key <keyid>"
+ echo " apt-key export <keyid> - output the key <keyid>"
+ echo " apt-key exportall - output all trusted keys"
echo " apt-key update - update keys using the keyring package"
echo " apt-key list - list keys"
echo
@@ -75,6 +77,12 @@
finger*)
$GPG --batch --fingerprint
;;
+ export)
+ $GPG --armor --export "$1"
+ ;;
+ exportall)
+ $GPG --armor --export
+ ;;
adv*)
echo "Executing: $GPG $*"
$GPG $*
diff -ru orig/apt-0.7.6/doc/apt-key.8.xml apt-0.7.6/doc/apt-key.8.xml
--- orig/apt-0.7.6/doc/apt-key.8.xml 2007-07-24 06:33:29.000000000 -0600
+++ apt-0.7.6/doc/apt-key.8.xml 2007-09-11 18:36:55.000000000 -0600
@@ -63,6 +63,28 @@
</listitem>
</varlistentry>
+ <varlistentry><term>export <replaceable>keyid</replaceable></term>
+ <listitem>
+ <para>
+
+ Output the key <replaceable>keyid</replaceable> to standard output.
+
+ </para>
+
+ </listitem>
+ </varlistentry>
+
+ <varlistentry><term>exportall</term>
+ <listitem>
+ <para>
+
+ Output all trusted keys to standard output.
+
+ </para>
+
+ </listitem>
+ </varlistentry>
+
<varlistentry><term>list</term>
<listitem>
<para>
Reply to: