InfluxData - Package Repository

Instructions

This package repository contains RPM and DEB builds of the InfluxData products, including InfluxDB, Telegraf, Chronograf, and Kapacitor. Below are instructions on how to add this package repo to both RPM and DEB based systems.

GPG Keys

The key used for package signing uses a primary key with signing subkeys that have an expiration. When needed, new signing subkeys with expiry are added to the GPG key. In this manner, users may consistently fetch the GPG key and verify the primary key's fingerprint to ensure the correct key is being used. This approach allows for a consistent and secure user experience even in the event of key rotations.

Users should always use the influxdata-archive.key key unless using an older distribution that doesn't have support for verifying subkeys in APT and RPM (e.g. CentOS/RHEL 7, Ubuntu 18.04 LTS, or Debian Buster), where the influxdata-archive_compat.key is required for use.

• influxdata-archive.key: preferred key

  
    $ wget -q https://repos.influxdata.com/influxdata-archive.key
    $ gpg --no-default-keyring --show-keys --with-subkey-fingerprints ./influxdata-archive.key
    pub   rsa4096 2023-01-18 [SC]
          24C975CBA61A024EE1B631787C3D57159FC2F927
    uid                      InfluxData Package Signing Key 
    sub   rsa4096 2023-01-18 [S] [expires: 2026-01-17]
          9D539D90D3328DC7D6C8D3B9D8FF8E1F7DF8B07E
          

• influxdata-archive_compat.key: compatibility key for older distributions

  
    $ wget -q https://repos.influxdata.com/influxdata-archive_compat.key
    $ gpg --no-default-keyring --show-keys --with-subkey-fingerprints ./influxdata-archive_compat.key
    pub   rsa4096 2023-01-18 [SC] [expires: 2026-01-17]
          9D539D90D3328DC7D6C8D3B9D8FF8E1F7DF8B07E
    uid                      InfluxData Package Signing Key 
          

• influxdb.key: obsolete (revoked), do not use
• influxdb2.key: obsolete (revoked), do not use

NOTICE 2025-11-17: InfluxData is in the process of updating its signing subkey which expires in January 2026 (see our blog post). When completed, influxdata-archive.key will be updated to also contain the new signing subkey:

  $ gpg --no-default-keyring --show-keys --with-subkey-fingerprints ./influxdata-archive.key
  pub   rsa4096 2023-01-18 [SC]
        24C975CBA61A024EE1B631787C3D57159FC2F927
  uid                      InfluxData Package Signing Key 
  sub   rsa4096 2023-01-18 [S] [expires: 2026-01-17]
        9D539D90D3328DC7D6C8D3B9D8FF8E1F7DF8B07E
  sub   rsa4096 2025-07-10 [S] [expires: 2029-01-17]
        AC10D7449F343ADCEFDDC2B6DA61C26A0585BD3B
      

  $ gpg --no-default-keyring --show-keys --with-subkey-fingerprints ./influxdata-archive_compat-exp2029.key
  pub   rsa4096 2025-07-10 [SC] [expires: 2029-01-17]
        AC10D7449F343ADCEFDDC2B6DA61C26A0585BD3B
  uid                      InfluxData Package Signing Key 
      

DEB Repository

For DEB-based platforms (e.g. Ubuntu, Debian):

  $ wget -q https://repos.influxdata.com/influxdata-archive.key
  $ gpg --show-keys --with-fingerprint --with-colons ./influxdata-archive.key 2>&1 | grep -q '^fpr:\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' && cat influxdata-archive.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive.gpg > /dev/null
  $ echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
    

RPM Repository

For RPM-based platforms (e.g. RHEL, CentOS):

  $ cat <<EOF | sudo tee /etc/yum.repos.d/influxdata.repo
  [influxdata]
  name = InfluxData Repository - Stable
  baseurl = https://repos.influxdata.com/stable/\$basearch/main
  enabled = 1
  gpgcheck = 1
  gpgkey = https://repos.influxdata.com/influxdata-archive.key
  EOF