Import the repository signing key

13,233

The hkp stands for http keyserver protocol or Horowitz Keyserver Protocol similar to http protocol for web pages. this is used with key servers, to regulate how they communicate.

Except:

PGP keys can be retrieved with a variety of protocols; the two dominant ones are LDAP and HTTP. Email and FTP are also used, but are less common. When searching for keys, there are two dominant options: LDAP queries and HTTP queries by some format. So while HTTP keys can be retrieved from any arbitrary URL, something a bit more structured is used to search and, commonly, retrieve. There is a higher-level protocol above HTTP called the “Horowitz Keyserver Protocol”, or “HTTP Keyserver Protocol”, or just HKP. This specifies a specific default port number (11371) and a local URL name-space for constructing URLs to retrieve, upload and search for keys.

More information:

adv
           Pass advanced options to gpg. With adv --recv-key you can e.g. download key from 
           keyservers directly into the the trusted set of keys. Note that there are no
           checks performed, so it is easy to completely undermine the apt-secure(8) 
           infrastructure if used without care.

The option adv allows the use of advanced options like --keyserver and --rec-key

The command:

apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8

is saying retrieve keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8 from this location or server hkp://p80.pool.sks-keyservers.net:80

Source:

https://people.spodhuis.org/phil.pennock/pgp-keyservers

man apt-key

13,233

Michael

Updated on September 18, 2022

Comments

Michael over 1 year
"Original" command https://www.postgresql.org/download/linux/ubuntu/
```
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | \
  sudo apt-key add -
sudo apt-get update
```
And the example below is taken from here: https://docs.docker.com/engine/examples/postgresql_service/#installing-postgresql-on-docker
```
# Add the PostgreSQL PGP key to verify their Debian packages.
# It should be the same key as https://www.postgresql.org/media/keys/ACCC4CF8.asc
RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
```
I have understood that this is about gpg. I am looking at the output of man gpg. But can't understand this example.

I can't catch from where did they take:
1. hkp://p80.pool.sks-keyservers.net:80
2. B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
3. --recv-keys
Could you help me here?
Michael almost 7 years

Thank you. Could you comment on where B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8 appeared from. You said: retrive keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8. It is Ok. It is working. Something is received. But in the PostgreSQL documentation there is nothing about it. I mean that I will not be able to repeat this without understanding. I can just copy and paste what I see. So could you highlight from where did they take this B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8?
George Udosen almost 7 years

Like I sad there have a key server and that key is on their keyserver from where it will be retrieved