diff options
| -rw-r--r-- | README | 36 | ||||
| -rwxr-xr-x | share/keyringer/ssss-split | 17 |
2 files changed, 53 insertions, 0 deletions
@@ -79,6 +79,42 @@ Fill it with your friends key IDs. Now encrypt a secret just for then: In other words, if keyringer finds a recipient file matching a given path, it will use it instead of the global recipients file. +SSSS Support +------------ + +SSSS support comes with "ssss group" files where each file (say +config/ssss/ssss-groupA) has one recipient file per line. + +Command line syntax is: + + keyringer <keyring> ssss-split <secret-name> [ssss-group] [ssss-options] + +So if we have: + + config/recipients/recipientsA: + + user1@domain + user2@domain + + config/recipients/recipientsB + + user3@domain + user4@domain + + config/ssss/ssss-groupA: + + recipientsA + recipientsB + +Then the following command + + keyringer <keyring> ssss-split secret-data ssss-groupA + +would split some data into distinct files: + + keys/recipientsA/secret-data.asc: encrypted to user{1,2}@domain + keys/recipientsB/secret-data.asc: encrypted to user{3,4}@domain + Managing keys ---------------- diff --git a/share/keyringer/ssss-split b/share/keyringer/ssss-split new file mode 100755 index 0000000..e414f0f --- /dev/null +++ b/share/keyringer/ssss-split @@ -0,0 +1,17 @@ +#!/bin/bash +# +# Encrypt files to multiple recipients using SSSS. +# + +# Load functions +LIB="`dirname $0`/../../lib/keyringer/functions" +source "$LIB" || exit 1 + +# Check requirements +ssss="`which ssss`"; +if [ "$?" != "0" ]; then + echo "Please install ssss first." + exit 1 +fi + +# TODO |