NAME¶

rkt-trust - Trust a key for image verification

SYNOPSIS¶

rkt trust [--prefix=PREFIX] [--insecure-allow-http] [--skip-fingerprint-review] [--root] [PUBKEY ...] [flags]

DESCRIPTION¶

Adds keys to the local keystore for use in verifying signed images.

PUBKEY may be either a local file or URL.

PREFIX scopes the applicability of PUBKEY to image names sharing PREFIX.

Meta discovery of PUBKEY at PREFIX will be attempted if no PUBKEY is specified.

To trust a key for all images instead of for specific images, --root can be specified. Path to a key file must be given (no discovery).

OPTIONS¶

-h, --help[=false]
help for trust

--insecure-allow-http[=false]
allow HTTP use for key discovery and/or retrieval

--prefix=""
prefix to limit trust to

--root[=false]
add root key from filesystem without a prefix

--skip-fingerprint-review[=false]
accept key without fingerprint confirmation

OPTIONS INHERITED FROM PARENT COMMANDS¶

--debug[=false]
print out more debug information to stderr

--dir=/var/lib/rkt
rkt data directory

--insecure-options=none
comma-separated list of security features to disable. Allowed values: "none", "image", "tls", "ondisk", "http", "pubkey", "capabilities", "paths", "seccomp", "all-fetch", "all-run", "all"

--local-config=/etc/rkt
local configuration directory

--system-config=/usr/lib/rkt
system configuration directory

--trust-keys-from-https[=false]
automatically trust gpg keys fetched from https

--user-config=
user configuration directory

SEE ALSO¶

rkt(1)

HISTORY¶

20-Dec-2019 Auto generated by spf13/cobra