Devuan Keyring
Devuan's keyring contains the public OpenPGP keys used to sign the package repositories. This allows `apt` to verify Devuan packages automatically. In normal use, `apt` will refuse to install any package that cannot be verified.
The keyring is installed by default during installation. If the keyring has been removed, or you are migrating to Devuan from Debian, you may need to install the keyring package manually. Choose the version for the appropriate release from the list of available devuan-keyring packages. When you follow the link to the version you require, there is a link to download (Filename: <link>). Also make a note of the published SHA256 checksum. Verify the checksum of the downloaded file is correct with
sha256sum devuan-keyring_<version>_all.deb
and install with
dpkg -i devuan-keyring_<version>_all.deb (as root)
See `man apt-get` for further details.
Primary Devuan Signing Keys
The keys used to sign Devuan releases are are also available from the public keyserver keyring.devuan.org. They can be imported with:
gpg --keyserver keyring.devuan.org --search-keys <Key>
and verified with:
gpg --fingerprint <Key>
The current IDs, Keys and Fingerprints are:
- Ceres, Beowulf, Chimaera and Daedalus
- ID:
Devuan Repository (Primary Devuan signing key) <repository@devuan.org> - Key:
94532124541922FB - Fingerprint:
72E3 CB77 3315 DFA2 E464 743D 9453 2124 5419 22FB
- ID:
- Excalibur
- ID:
Devuan Release Signing (Excalibur) <repository@devuan.org> - Key:
B3982868D104092C - Fingerprint:
9F8D 6C74 DE66 1075 FD17 1BE3 B398 2868 D104 092C
- ID:
- Freia
- ID:
Devuan Release Signing (Freia) <repository@devuan.org> - Key:
55C470D57732684B - Fingerprint:
6A27 69BF 7BE7 9F17 2569 6E0B 55C4 70D5 7732 684B
- ID: