Need your own package repository for Alpine, Cargo, CocoaPods, Composer, Conan, CRAN, Dart, Debian, Docker, Go, Helm, LuaRocks, Maven, npm, NuGet, Python, RedHat, Ruby, Terraform, Vagrant, Raw & More?

Cloudsmith provides better DevOps with simple and secure delivery of your software, from dev to production.

Start My Free 7-Day Trial

Tool-Specific Instructions

Although we use GPG (and RSA) keys across each repository and package format, client-side tools might have specific instructions that differ (or require manual steps). To add or use the signing key for these tools, please click on the package format specific tabs above.

Public GPG Key

GPG-based key signing is used by:   Cargo logo CocoaPods logo Composer logo Conan logo CRAN logo Dart logo Debian logo Docker logo Go logo Helm logo LuaRocks logo Maven logo npm logo NuGet logo Python logo RedHat logo Ruby logo Terraform logo Vagrant logo Raw logo

The public GPG key for the consensys/helm is:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQENBF9zyF4BCADCIWndLnhpKhBqpGSA4Lp51x93M8I09yL0yC0F9nvlMZQ6H8d+
AG6/x73gxp+UvqFFCvhKmZj9b6Y6N0n/0/AYGIXbovtAkHMfWvSuGMIMDawC03qA
I24HE/hf1h6D28EW+pAufswEmvzQOy8m9tjNY3Mc038G4GhE5+F7R2ZTUnSOL+Ct
bs+KSJaXlTff9yXK4aTSrEw/3KLYBsV8vGwWZ5r1eQauZ7Oy0BF42OvRxg4TtOdc
JnIEgGD6Kso/+alF/5h+WNd2uIn8GdKxa+21JBsOXvB9FsOSqV0Eqz0JJqEiMz7w
N1KQ9NckYebjC6aBS9lGrnUmZ1ckMgyEibgNABEBAAG0O0Nsb3Vkc21pdGggUGFj
a2FnZSAoY29uc2Vuc3lzL2hlbG0pIDxzdXBwb3J0QGNsb3Vkc21pdGguaW8+iQE3
BBMBCAAhBQJfc8heAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEPoXByO2
fH6XF1YH/R9H12yDSEEBP+8u0hK4rkkyaYeCoytmd2i7V79yfn1QjVBXPzStgd5e
f7VrHzyjNYfWTm0cS2m6/Tn25kUqcF6seS/gEbYLDB/wxFthVWxxbSolQTBSdzMW
iCxT+/80FWCesIeMEMzZB8hqsVMnmYG2GALds20mpG7bvpy8zmsZxhTkTz/Q3X8c
XRt/ycpFAm0ZAreUEgupRHFEWxzLS47R+TC8WDt7o+MZ+OKvO7O5Fs9bIlY3k13g
7pmZiuPBD+vNO0S7iRYKjJv/5VGnvHfsiIzmte/cAkq6MRJyH/WWx2PnX7yTpXQT
bkv5WHZd6wiSQQIrRjsZwo/QTP3dNBo=
=Gg5C
-----END PGP PUBLIC KEY BLOCK-----

It has the following long (20 bytes) and short (8 bytes) fingerprints:

F7A05A0A75847D64E7D86FFCFA170723B67C7E97
FA170723B67C7E97

You can download the GPG key or fetch it via the command-line:

curl -sL 'https://artifacts.consensys.net/public/helm/gpg.FA170723B67C7E97.key'

Public RSA Key

RSA-based key signing is used by:   Alpine logo

The public RSA key for the consensys/helm is:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wC8tlvsOpjy5JMSamvF
yneG3BdcE70/+zNACU2qcVGAMJGifSMx42OsdrOwCCRJ5DIiDE5UvaAvy2KqozMT
+hGapok5tZ6/qem3+LHtuhfwmfLiY9g+x8q2/efLT1EvK2wxQVv4o3viUSaYrGNE
niwX3TCSCU3V2ksD+o1D+rVv/cUVH1Fu4t94IE22HII/HWP4V4hSxN5n4Ib9/0z5
ozLrSDRZvEOsyf7J6eEr7hjKDxx/A4p/OUMdMx25U1+REhjaNNvBw8frXQenlwzY
YG8JzIa5ScBGSLWBluagqSjhP2PanWap9SQwrl6DXJsQrJpUeORVQ1X3PB+bqUph
rwIDAQAB
-----END PUBLIC KEY-----

It has the following long (16 bytes) and short (8 bytes) fingerprints:

AC8E75D7B830957E288481DBD169136C
288481DBD169136C

You can download the RSA key or fetch it via the command-line:

curl -sL 'https://artifacts.consensys.net/public/helm/rsa.288481DBD169136C.key'

Need Help?

If you couldn't find what you needed in our documentation, then you can always chat to a member of our team instead. It's our mission to be your dedicated off-site team for package management, and we mean it. Come and chat with us, anytime.

Alpine logo

Alpine Signing Key Installation

The following instructions are for Alpine (e.g. apk) packages or compatible.

Automated Installation (Bash)

If you installed the consensys/helm repository by following one of the repository installation instructions then you don't need take any further action. The RSA key should already have been installed alongside the repository.

Manual Installation

If you'd like to manually install the RSA key, you can utilise curl to retrieve the RSA key and install it by executing:

curl -sL 'https://artifacts.consensys.net/public/helm/rsa.288481DBD169136C.key' >/etc/apk/keys/helm@consensys-288481DBD169136C.rsa.pub

Or you can add it directly without curl by executing:

sudo cat >/etc/apk/keys/helm@consensys-288481DBD169136C.rsa.pub <<EOF
    -----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wC8tlvsOpjy5JMSamvF
yneG3BdcE70/+zNACU2qcVGAMJGifSMx42OsdrOwCCRJ5DIiDE5UvaAvy2KqozMT
+hGapok5tZ6/qem3+LHtuhfwmfLiY9g+x8q2/efLT1EvK2wxQVv4o3viUSaYrGNE
niwX3TCSCU3V2ksD+o1D+rVv/cUVH1Fu4t94IE22HII/HWP4V4hSxN5n4Ib9/0z5
ozLrSDRZvEOsyf7J6eEr7hjKDxx/A4p/OUMdMx25U1+REhjaNNvBw8frXQenlwzY
YG8JzIa5ScBGSLWBluagqSjhP2PanWap9SQwrl6DXJsQrJpUeORVQ1X3PB+bqUph
rwIDAQAB
-----END PUBLIC KEY-----
    EOF

Removing Installation / Uninstalling

If you want to remove the public RSA key for the consensys/helm repository then you can do so by executing the following:

sudo rm -f /etc/apk/keys/helm@consensys-288481DBD169136C.rsa.pub

Note: Don't do this if you currently have the repository installed and wish to continue using it. If you remove the key the next fetch will fail.

Viewing Installed Keys

If you want to verify that a RSA public key has been installed or removed, you can view the list of all installed keys by executing:

ls -la /etc/apk/keys/
Debian logo

Debian Signing Key Installation

The following instructions are for Debian (e.g. apt, deb, dpkg) packages or compatible.

Automated Installation (Bash)

If you installed the consensys/helm repository by following one of the repository installation instructions then you don't need take any further action. The GPG key should already have been installed alongside the repository.

Manual Installation

If you'd like to manually install the GPG key, you can utilise curl to retrieve the GPG key and install it by executing:

curl -sL 'https://artifacts.consensys.net/public/helm/gpg.FA170723B67C7E97.key' | sudo apt-key add -

Or you can add it directly without curl by executing:

sudo apt-key add - <<EOF
    -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQENBF9zyF4BCADCIWndLnhpKhBqpGSA4Lp51x93M8I09yL0yC0F9nvlMZQ6H8d+
AG6/x73gxp+UvqFFCvhKmZj9b6Y6N0n/0/AYGIXbovtAkHMfWvSuGMIMDawC03qA
I24HE/hf1h6D28EW+pAufswEmvzQOy8m9tjNY3Mc038G4GhE5+F7R2ZTUnSOL+Ct
bs+KSJaXlTff9yXK4aTSrEw/3KLYBsV8vGwWZ5r1eQauZ7Oy0BF42OvRxg4TtOdc
JnIEgGD6Kso/+alF/5h+WNd2uIn8GdKxa+21JBsOXvB9FsOSqV0Eqz0JJqEiMz7w
N1KQ9NckYebjC6aBS9lGrnUmZ1ckMgyEibgNABEBAAG0O0Nsb3Vkc21pdGggUGFj
a2FnZSAoY29uc2Vuc3lzL2hlbG0pIDxzdXBwb3J0QGNsb3Vkc21pdGguaW8+iQE3
BBMBCAAhBQJfc8heAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEPoXByO2
fH6XF1YH/R9H12yDSEEBP+8u0hK4rkkyaYeCoytmd2i7V79yfn1QjVBXPzStgd5e
f7VrHzyjNYfWTm0cS2m6/Tn25kUqcF6seS/gEbYLDB/wxFthVWxxbSolQTBSdzMW
iCxT+/80FWCesIeMEMzZB8hqsVMnmYG2GALds20mpG7bvpy8zmsZxhTkTz/Q3X8c
XRt/ycpFAm0ZAreUEgupRHFEWxzLS47R+TC8WDt7o+MZ+OKvO7O5Fs9bIlY3k13g
7pmZiuPBD+vNO0S7iRYKjJv/5VGnvHfsiIzmte/cAkq6MRJyH/WWx2PnX7yTpXQT
bkv5WHZd6wiSQQIrRjsZwo/QTP3dNBo=
=Gg5C
-----END PGP PUBLIC KEY BLOCK-----
    EOF

Removing Installation / Uninstalling

If you want to remove the public GPG key for the consensys/helm repository then you can do so by executing the following:

sudo apt-key remove F7A05A0A75847D64E7D86FFCFA170723B67C7E97

Note: Don't do this if you currently have the repository installed and wish to continue using it. If you remove the key the next fetch will fail.

Viewing Installed Keys

If you want to verify that a GPG public key has been installed or removed, you can view the list of all installed keys by executing:

apt-key list
RedHat logo

RedHat Signing Key Installation

The following instructions are for RedHat (e.g. dnf, rpm, yum, zypper) packages or compatible.

Automated Installation (Bash)

If you installed the consensys/helm repository by following one of the repository installation instructions then you don't need take any further action. The GPG key should already have been installed alongside the repository.

Manual Installation

If you'd like to manually install the GPG key, you can utilise curl to retrieve the GPG key and install it by executing:

rpm --import 'https://artifacts.consensys.net/public/helm/gpg.FA170723B67C7E97.key'

Or you can add it directly without curl by executing:

cat > /tmp/consensys-helm.key <<EOF
    -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQENBF9zyF4BCADCIWndLnhpKhBqpGSA4Lp51x93M8I09yL0yC0F9nvlMZQ6H8d+
AG6/x73gxp+UvqFFCvhKmZj9b6Y6N0n/0/AYGIXbovtAkHMfWvSuGMIMDawC03qA
I24HE/hf1h6D28EW+pAufswEmvzQOy8m9tjNY3Mc038G4GhE5+F7R2ZTUnSOL+Ct
bs+KSJaXlTff9yXK4aTSrEw/3KLYBsV8vGwWZ5r1eQauZ7Oy0BF42OvRxg4TtOdc
JnIEgGD6Kso/+alF/5h+WNd2uIn8GdKxa+21JBsOXvB9FsOSqV0Eqz0JJqEiMz7w
N1KQ9NckYebjC6aBS9lGrnUmZ1ckMgyEibgNABEBAAG0O0Nsb3Vkc21pdGggUGFj
a2FnZSAoY29uc2Vuc3lzL2hlbG0pIDxzdXBwb3J0QGNsb3Vkc21pdGguaW8+iQE3
BBMBCAAhBQJfc8heAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEPoXByO2
fH6XF1YH/R9H12yDSEEBP+8u0hK4rkkyaYeCoytmd2i7V79yfn1QjVBXPzStgd5e
f7VrHzyjNYfWTm0cS2m6/Tn25kUqcF6seS/gEbYLDB/wxFthVWxxbSolQTBSdzMW
iCxT+/80FWCesIeMEMzZB8hqsVMnmYG2GALds20mpG7bvpy8zmsZxhTkTz/Q3X8c
XRt/ycpFAm0ZAreUEgupRHFEWxzLS47R+TC8WDt7o+MZ+OKvO7O5Fs9bIlY3k13g
7pmZiuPBD+vNO0S7iRYKjJv/5VGnvHfsiIzmte/cAkq6MRJyH/WWx2PnX7yTpXQT
bkv5WHZd6wiSQQIrRjsZwo/QTP3dNBo=
=Gg5C
-----END PGP PUBLIC KEY BLOCK-----
    EOF
    rpm --import /tmp/consensys-helm.key
    rm -f /tmp/consensys-helm.key

Removing Installation / Uninstalling

If you want to remove the public GPG key for the consensys/helm repository then you can do so by executing the following:

gpgkey=$(rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} %{summary}\n' | grep "(consensys/helm)" | awk '{ print $1 }')
test ! -z "$gpgkey" && sudo rpm -e --allmatches "$gpgkey"

Note: Don't do this if you currently have the repository installed and wish to continue using it. If you remove the key the next fetch will fail.

Viewing Installed Keys

If you want to verify that a GPG public key has been installed or removed, you can view the list of all installed keys by executing:

rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}\n'

What's this page? All Cloudsmith repositories and packages are signed using GPG (or RSA) keys where supported. GPG (or RSA) signatures and checksums provide reliable mechanisms to ensure that the packages that you download/install are neither corrupt nor modified. GPG is generally preferred, but RSA is used for some package formats (such as Alpine). Learn more in the signing keys documentation.

Top