NAME
dscverify - verify the validity of a Debian package
SYNOPSIS
dscverify [--keyring keyring] ... changes_or_dsc_filename ...
DESCRIPTION
dscverify checks that the GPG or PGP signatures on the given .changes
or .dsc files are good signatures made by keys in the current Debian
keyrings, found in the debian-keyring and debian-maintainers packages.
(Additional keyrings can be specified using the --keyring option any
number of times.) It then checks that the other files listed in the
.changes or .dsc files have the correct sizes and checksums (MD5 plus
SHA1 and SHA256 if the latter are present). The exit status is 0 if
there are no problems and non-zero otherwise.
OPTIONS
--keyring keyring
Add keyring to the list of keyrings to be used.
--no-default-keyrings
Do not use the default set of keyrings.
--no-conf, --noconf
Do not read any configuration files. This can only be used as
the first option given on the command-line.
--nosigcheck, --no-sig-check, -u
Skip the signature verification step. That is, only verify the
sizes and checksums of the files listed in the .changes or .dsc
files.
--verbose
Do not suppress GPG output.
--help, -h
Display a help message and exit successfully.
--version
Display version and copyright information and exit
successfully.
CONFIGURATION VARIABLES
The two configuration files /etc/devscripts.conf and
~/.devscripts are sourced by a shell in that order to set
configuration variables. Environment variable settings are
ignored for this purpose. If the first command line option
given is --noconf or --no-conf, then these files will not be
read. The currently recognised variable is:
DSCVERIFY_KEYRINGS
This is a colon-separated list of extra keyrings to use
in addition to any specified on the command line.
KEYRING
Please note that the keyring provided by the debian-keyring
package can be slightly out of date. The latest version can be
obtained with rsync, as documented in the README that comes with
debian-keyring. If you sync the keyring to a non-standard
location (see below), you can use the possibilities to specify
extra keyrings, by either using the above mentioned
configuration option or the --keyring option.
Below is an example for an alias:
alias dscverify='dscverify --keyring ~/.gnupg/pubring.gpg'
STANDARD KEYRING LOCATIONS
By default dscverify searches for the debian-keyring in the
following locations:
- /org/keyring.debian.org/keyrings/debian-keyring.(gpg|pgp)
- /usr/share/keyrings/debian-keyring.(pgp|gpg)
- /usr/share/keyrings/debian-maintainers.gpg
SEE ALSO
gpg(1) and devscripts.conf(5).
AUTHOR
dscverify was written by Roderick Schertler <roderick@argon.org>
and posted on the debian-devel@lists.debian.org mailing list,
with several modifications by Julian Gilbey <jdg@debian.org>.