Trust centre

Public trust is split between release artifacts and package updates.

SentinelOS uses detached signatures for downloadable bundles and signed APT metadata for package distribution. Both paths are public and user-controlled.

Website

Static public information and downloads. No account dashboard or telemetry channel.

live

Release key

Signs checksum files for published downloadable bundles.

published

Archive key

Signs APT repository metadata for package updates.

published

APT repo

Serves signed metadata and packages from repo.sentinellinux.org.

live

APT archive key identity

active
UID
SentinelOS_APT_Repository_Signing <a.e.g.i.s@tuta.io>
Comment
SentinelOS public APT repository signing key; sentinellinux.org
Fingerprint
1A30 F833 9972 CF43 7256 D14F 60D4 3870 3CF1 F577
Public key
sentinelos-archive-key.asc
Package-governed updates

The repository is the upgrade backbone.

SentinelOS packages remain Debian-compatible. The Sentinel Program Manager should remain an apt/dpkg frontend, not a separate package system.

Signed APT metadata
  → apt update
  → apt install / apt upgrade
  → Sentinel Program Manager GUI
  → dpkg status remains authoritative
Boundary: SentinelOS does not require users to connect to a hosted account dashboard. The website informs, the repository distributes, packages upgrade, and the user controls.