diff --git a/pmb/helpers/frontend.py b/pmb/helpers/frontend.py
index 49f340f0..0c8a357b 100644
--- a/pmb/helpers/frontend.py
+++ b/pmb/helpers/frontend.py
@@ -1,5 +1,6 @@
 # Copyright 2020 Oliver Smith
 # SPDX-License-Identifier: GPL-3.0-or-later
+import glob
 import json
 import logging
 import os
@@ -252,6 +253,18 @@ def install(args):
                      " different cipher with 'pmbootstrap install --cipher=..."
                      " --fde --android-recovery-zip'.")
 
+    # Don't install locally compiled packages and package signing keys
+    if not args.install_local_pkgs:
+        # Implies that we don't build outdated packages (overriding the answer
+        # in 'pmbootstrap init')
+        args.build_pkgs_on_install = False
+
+        # Safest way to avoid installing local packages is having none
+        if glob.glob(f"{args.work}/packages/*"):
+            raise ValueError("--no-local-pkgs specified, but locally built"
+                             " packages found. Consider 'pmbootstrap zap -p'"
+                             " to delete them.")
+
     pmb.install.install(args)
 
 
diff --git a/pmb/install/_install.py b/pmb/install/_install.py
index e8d1bdfa..78bc3ee8 100644
--- a/pmb/install/_install.py
+++ b/pmb/install/_install.py
@@ -154,12 +154,20 @@ def create_home_from_skel(args):
 
 def configure_apk(args):
     """
-    Copies over all keys used locally to compile packages, and disables the
-    /mnt/pmbootstrap-packages repository.
+    Copy over all official keys, and the keys used to compile local packages
+    (unless --no-local-pkgs is set). Then disable the /mnt/pmbootstrap-packages
+    repository.
     """
+    # Official keys
+    pattern = f"{pmb.config.apk_keys_path}/*.pub"
+
+    # Official keys + local keys
+    if args.install_local_pkgs:
+        pattern = f"{args.work}/config_apk_keys/*.pub"
+
     # Copy over keys
     rootfs = args.work + "/chroot_native/mnt/install"
-    for key in glob.glob(args.work + "/config_apk_keys/*.pub"):
+    for key in glob.glob(pattern):
         pmb.helpers.run.root(args, ["cp", key, rootfs + "/etc/apk/keys/"])
 
     # Disable pmbootstrap repository
diff --git a/pmb/parse/arguments.py b/pmb/parse/arguments.py
index cd47b298..253f0666 100644
--- a/pmb/parse/arguments.py
+++ b/pmb/parse/arguments.py
@@ -562,6 +562,9 @@ def arguments():
                          help="wrap the resulting image in a graphical"
                               " on-device installer, so the installation can"
                               " be customized after flashing")
+    install.add_argument("--no-local-pkgs", dest="install_local_pkgs",
+                         help="do not install locally compiled packages and"
+                              " package signing keys", action="store_false")
     group = install.add_mutually_exclusive_group()
     group.add_argument("--sparse", help="generate sparse image file"
                        " (even if unsupported by device)", default=None,