Skip to content

Secret and Public Keys

The repository needs two keys in order to be secure. There are two parts necessary for APT: a public key, and a private key.

The public key is installed into the user's APT keyring locally on their system, and is used to verify the integrity of the downloaded packages. In Raspbian Addons, the public key is KEY.gpg

The private key is also known as the secret key, and is used to write, or add, packages to the repository, using an encryption engine called gpg. Only the repository maintainers have access to this key.