debsign

debsign [options] changes-or-dsc-file

debsign mimics the signing aspects of dpkg-buildpackage(1). It takes a .dsc, .buildinfo, or .changes file and signs it, and any child .dsc, .buildinfo, or .changes files referenced by it, using GPG. Signing is required for uploading packages to Debian repositories, as it verifies the package maintainer's identity.The tool finds the appropriate GPG key based on the maintainer field in the file being signed, or uses an explicitly specified key. It updates the file with GPG signatures that can be verified during package upload and installation.debsign is typically used after building a Debian package with dpkg-buildpackage or debuild, as the final step before uploading to a repository.

FILE

.changes or .dsc file to sign.

GPG key ID to use for signing.

Specify maintainer for signing.

Same as -m but takes precedence over it.

Sign files on specified remote host using scp for transfer.

Use specified GPG program instead of the default gpg.

Search for source-only .changes file instead of binary-build .changes file.

Specify the Debian architecture for .changes file search.

Recreate signature if file has been signed already.

Use existing signature if file has been signed already.

Look for files to sign in specified directory instead of parent directory.

Do not read any configuration files. Must be the first option.

Display help message and exit.

Display version and copyright information.

~/.devscripts

Configuration file for default GPG key ID and signing behavior.

Requires a valid GPG key. The signing key must be trusted by the repository. Changing file contents after signing invalidates the signature. Private key must be available for signing.

debsign is part of the devscripts package, developed for Debian package maintenance. It has been a core tool in the Debian upload process since GPG signatures became required for package uploads.

gpg(1), debuild(1), dpkg-buildpackage(1)