Manpages

Manpage of DEBSIGN

DEBSIGN

Section: User Commands (1)
Updated: Debian Utilities
Index
Return to Main Contents
 

NAME

debsign - sign a Debian changes and dsc file pair using GPG/PGP  

SYNOPSIS

debsign [options] [changes-file|dsc-file]  

DESCRIPTION

debsign takes either an unsigned .dsc file or an unsigned .changes file and the associated unsigned .dsc file (found by replacing the architecture name and .changes by .dsc) if it appears in the .changes file and signs them using the GNU Privacy Guard or PGP. It is careful to calculate the size and MD5 sum of the newly signed .dsc file and replace the original values in the .changes file.

If a .changes or .dsc file is specified, it is signed, otherwise, debian/changelog is parsed to determine the name of the .changes file to look for in the parent directory.

This utility is useful if a developer must build a package on one machine where it is unsafe to sign it; they need then only transfer the small .dsc and .changes files to a safe machine and then use the debsign program to sign them before transferring them back. This process can be automated in two ways. If the files to be signed live on the remote machine, the -r option may be used to copy them to the local machine and back again after signing. If the files live on the local machine, then they may be transferred to the remote machine for signing using debrsign(1).

This program can take default settings from the devscripts configuration files, as described below.  

OPTIONS

-r [username@]remotehost
The .changes and .dsc files live on the specified remote host. In this case, a .changes file must be explicitly named, with an absolute directory or one relative to the remote home directory. SSH will be used for the copying. The [username@]remotehost:changes syntax is permitted as an alternative.
-pprogname
progname is one of pgp or gpg, and specifies which signing program is to be called. The default is gpg if ~/.gnupg/secring.gpg exists and pgp otherwise.
-mmaintainer
Specify the maintainer name to be used for signing.
-emaintainer
Same as -m but takes precedence.
-kkeyid
Specify the key ID to be used for signing; overrides any -m option.
-spgp, -sgpg
Whether the signing program is to be called with command line arguments like those of pgp or gpg.
-S
Look for a source-only .changes file instead of a binary-build changes file.
-adebian-architecture, -tGNU-system-type
See dpkg-architecture(1) for a description of these options. They affect the search for the .changes file.
--help, --version
Show help message and version information respectively.
 

CONFIGURATION VARIABLES

The two configuration files /etc/devscripts.conf and ~/.devscripts are sourced in that order to set configuration variables. Command line options can be used to override configuration file settings. Environment variable settings are ignored for this purpose. The currently recognised variables are:
DEBSIGN_PROGRAM
Setting this is equivalent to giving a -p option.
DEBSIGN_SIGNLIKE
This must be gpg or pgp and is equivalent to using either -sgpg or -spgp respectively.
DEBSIGN_MAINT
This is the -m option.
DEBSIGN_KEYID
And this is the -k option.
 

SEE ALSO

debrsign(1), dpkg-buildpackage(1), dpkg-architecture(1), md5sum(1), gpg(1) and pgp(1).  

AUTHOR

This program was written by Julian Gilbey <jdg@debian.org> and is copyright under the GPL, version 2 or later.


 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
CONFIGURATION VARIABLES
SEE ALSO
AUTHOR

This document was created by man2html, using the manual pages.
Time: 09:31:49 GMT, July 15, 2020