mix nerves_hub.key (nerves_hub_cli v0.11.1) View Source

Manages firmware signing keys

Firmware signing keys consist of public and private keys. The mix nerves_hub.key task manages both pieces for you. Private signing keys are password-protected and are NEVER sent to NervesHub or any other server. Public keys, however, are registered with NervesHub and embedded in your firmware.

Signing keys are stored in ~/.nerves-hub/keys. Keys may be shared between developers by copying the files in this folder.

NervesHub can manage more than one key so that you can have different development and production keys in use. For example, production devices deployed with only the production public key will not accept firmware signed by development keys.

To ensure that firmware includes keys registered with NervesHub, add the following entry in your project's config.exs:

# List the public firmware signing keys to include on the device
config :nerves_hub,
  public_keys: [:my_dev_key, :my_prod_key]


List the keys known to NervesHub

mix nerves_hub.key list

Command-line options

  • --local - (Optional) Do not request key information from NervesHub


Create a new firmware signing key pair with the specified name and register the public key with NervesHub

mix nerves_hub.key create NAME

Command-line options

  • --local - (Optional) Do not register the public key with NervesHub


Delete a signing key locally and on NervesHub

mix nerves_hub.key delete NAME

Command-line options

  • --local - (Optional) Perform the operation only locally defaults to false which will perform both local and remote operations


Import an existing key locally and on NervesHub

mix nerves_hub.key import NAME PUBLIC_KEY_FILE PRIVATE_KEY_FILE

Command-line options

  • --local - (Optional) Do not register the public key with NervesHub


Export a signing key to a tar.gz archive.

mix nerves_hub.key export NAME

Command-line options

  • --path - (Optional) A local location for exporting keys.

Link to this section Summary

Link to this section Functions

Link to this function

delete_remote(name, org)

View Source
Link to this function

import(name, org, public_key_file, private_key_file, opts)

View Source


render_help() :: no_return()

Callback implementation for Mix.Task.run/1.