View Source mix nerves_hub.key (nerves_hub_cli v2.0.1)
Manages firmware signing keys
Firmware signing keys consist of public and private keys. The mix nerves_hub.key
task manages both pieces for you. Private signing keys are
password-protected and are NEVER sent to NervesHub or any other server.
Public keys, however, are registered with NervesHub and embedded in your
firmware.
Signing keys are stored in ~/.nerves-hub/keys
. Keys may be shared between
developers by copying the files in this folder.
NervesHub can manage more than one key so that you can have different development and production keys in use. For example, production devices deployed with only the production public key will not accept firmware signed by development keys.
To ensure that firmware includes keys registered with NervesHub, add the
following entry in your project's config.exs
:
# List the public firmware signing keys to include on the device
config :nerves_hub,
public_keys: [:my_dev_key, :my_prod_key]
list
List the keys known to NervesHub
mix nerves_hub.key list
Command-line options
--local
- (Optional) Do not request key information from NervesHub
create
Create a new firmware signing key pair with the specified name and register the public key with NervesHub
mix nerves_hub.key create NAME
Command-line options
--local
- (Optional) Do not register the public key with NervesHub
delete
Delete a signing key locally and on NervesHub
mix nerves_hub.key delete NAME
Command-line options
--local
- (Optional) Perform the operation only locally defaults tofalse
which will perform both local and remote operations
import
Import an existing key locally and on NervesHub
mix nerves_hub.key import NAME PUBLIC_KEY_FILE PRIVATE_KEY_FILE
Command-line options
--local
- (Optional) Do not register the public key with NervesHub
export
Export a signing key to a tar.gz archive.
mix nerves_hub.key export NAME
Command-line options
--path
- (Optional) A local location for exporting keys.
Summary
Functions
Callback implementation for Mix.Task.run/1
.