5. How it Works

Step zero is, of course, to install APT Secure (see below).

We'll assume that you're using Debian's official packages (and therefore Debian's official archive key), though a similar method will work for other sources that APT might use.

Debian's archive key will be installed in /usr/share/apt/debian-archive.gpg when you install APT Secure. You can look at the keys in this keyring with a command like: gpg --list-keys --no-default-keyring --keyring=/usr/share/apt/debian-archive.gpg.

If you're satisfied that you want to add this key, you can run: apt-key add /usr/share/apt/debian-archive.gpg

If you used APT Secure before it was integrated with apt mainline, you might wonder what happened to the vendors.list file. It's gone now, and this process is greatly simplified! You should also remove the vendor annotations from your sources.list file, since these may now cause parse errors.

Did I mention that you have to install APT Secure?