A command line tool for Debian/Ubuntu Linux systems to add and remove trusted GPG keys used for authenticating and verifying software packages.
The add-apt-key command in Linux is used to manage the list of trusted GPG keys used by the APT packaging system on Debian, Ubuntu, and related distributions. APT relies on these cryptographic keys to verify the authenticity and integrity of software packages downloaded from remote repositories.
When setting up custom APT repositories, whether for internal software or third-party applications, the repository maintainer generates a GPG key pair. The public key allows APT to ensure packages from that repository have not been tampered with. Before APT will trust packages signed with a key, you need to import the public key with add-apt-key.
Some common uses of the add-apt-key command include:
The add-apt-key tool provides a simple command line interface for managing these trusted GPG keys instead of having to manually manipulate keyring files. An important security practice is to always verify keys with the developer/distributor before importing them on your system.
Here are some alternatives to Add-apt-key:
Suggest an alternative ❐