-rw-r--r-- | index.mdwn | 13 |
-rw-r--r-- | share/man/keyringer.1.mdwn | 63 |
2 files changed, 50 insertions, 26 deletions
@@ -164,15 +164,12 @@ Concepts Basic idea is: - - Encrypt stuff with ppl's gpg pubkeys and push the output in a git repo. + - Encrypt stuff with multiple users's gpg pubkeys and push the output in a git repo. - - Let ppl keep it in sync with the repo and the keys are shared :) + - Let users keep it in sync with the repo and the secrets are shared :) -For "key" it's meant anything as the script work with stdin and output things to -files, so it can be passphrases, private keys or other kind of info. - -It's possible to share keys using an encrypted mailing list, but the main -difficulty is to track the message where the keys are. +For "secrets" it's meant anything as the script work with stdin and output things to +files, so it can be passphrases, private keys or other kind of information. With theses scripts, the workflow is more or less like this: @@ -185,7 +182,7 @@ With theses scripts, the workflow is more or less like this: - You manually add it to git and push it to remote repositories. - - Optionally, other ppl pulls the changes but they dont need to + - Optionally, other users pulls the changes but they dont need to decrypt anything until they need to use the keys. So it's just gpg-encrypted data atop of a git repository (one can think of a diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn index 14ae687..e2e5ba7 100644 --- a/share/man/keyringer.1.mdwn +++ b/share/man/keyringer.1.mdwn 
@@ -15,30 +15,34 @@ keyringer <*keyring*> <*action*> [*options*]... Keyringer lets you manage and share secrets using GPG and git with custom commands to encrypt, decrypt, recrypt, create key pairs, etc. +Secrets are encrypted using GPG and added to a git tree so later then can +be synced with remote branches. + # ACTIONS Keyringer has three types of actions: -1. Configuration actions. +1. Repository lookup and manipulation actions. 2. Secret manipulation actions. -3. Repository lookup and manipulation actions. +3. Configuration actions. -## CONFIGURATION ACTIONS +# REPOSITORY LOOKUP AND MANIPULATION ACTIONS -commands -: List available actions, useful for shell completion and syntax check. +init <*path*> [*remote*] +: Initialize a new keyringer repository. If a *remote* URL is specified, keyringer will + clone an existing repository. -options <*ls*|*edit*|*add*> -: List, edit or add miscelaneous *repository options*. + After initialization, *path* will contain a folder structure for storing secrets + and metadata (user aka recipients, groups of recipients, etc). -preferences <*ls*|*edit*|*add*> -: List, edit or add *user options* for a given repository. + Also, an entry on `$HOME/.keyringer/config` will be added allowing keyringer to + find the keyring by it's alias. -recipients <*ls*|*edit*> <*recipient-file*> -: List or edit recipient configuration. +git <*action*> <*options*> +: Git wrapper that operates from the toplevel keyring repository. -usage -: Show usage information. +ls <*path*> +: List contents from the toplevel repository *keys* folder or from relative *path*. ## SECRET MANIPULATION ACTIONS 
@@ -83,13 +87,36 @@ recrypt <*SECRET*> into recipient configuration. If no *SECRET* is given, all secrets in the repository are re-encrypted. -# REPOSITORY LOOKUP AND MANIPULATION ACTIONS +## CONFIGURATION ACTIONS -git <*action*> <*options*> -: Git wrapper that operates from the toplevel keyring repository. +commands +: List available actions, useful for shell completion and syntax check. + +options <*ls*|*edit*|*add*> +: List, edit or add miscelaneous *repository options*. + +preferences <*ls*|*edit*|*add*> +: List, edit or add *user options* for a given repository. + +recipients <*ls*|*edit*> <*recipient-file*> +: List or edit recipient configuration. + +usage +: Show usage information. + +# FILES + +$HOME/.keyringer/config +: User's main configuration file used to map alias names to keyrings. + +$HOME/.keyringer/*keyring* +: User preferences for the keyringer aliased *keyring*. + +$KEYRING_FOLDER/config/options +: Custom keyring options which will be applied for all users that use + the keyringer repository. -ls <*PATH*> -: List contents from the toplevel repository *keys* folder or from relative *PATH*. +# LIMITATIONS # SEE ALSO |
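Review bot: In the index.mdwn hunk at @@ -164, the rename from "keys" to "secrets" stops one line short: the changed bullet "Optionally, other users pulls the changes but they dont need to" continues into the unchanged line "decrypt anything until they need to use the keys", so the workflow still describes the shared material as keys. Pull that continuation line into the change and say "secrets" there too, otherwise a reader can take it to mean the GPG keys themselves are what is distributed through the repository. While touching these lines, "multiple users's" should be "multiple users'", "other users pulls" should be "other users pull", and "the script work with stdin and output things" should be "the script works with stdin and outputs things".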
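Review bot: In the share/man/keyringer.1.mdwn hunk at @@ -15, the new heading "# REPOSITORY LOOKUP AND MANIPULATION ACTIONS" is level 1, but it takes the place of "## CONFIGURATION ACTIONS" and sits beside "## SECRET MANIPULATION ACTIONS" under "# ACTIONS". Make it "##" so all three action types listed under ACTIONS render as subsections of it. Two wording fixes in the added text: "so later then can be synced" should read "so later they can be synced", and "find the keyring by it's alias" should be "its alias".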
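Review bot: In the share/man/keyringer.1.mdwn hunk at @@ -83, "# LIMITATIONS" is added as an empty heading immediately followed by "# SEE ALSO". For a tool that stores secrets, an empty limitations section in the man page tells the reader nothing, so either write the section in this commit or leave the heading out until the text exists. In the new FILES section, "$KEYRING_FOLDER/config/options" uses a variable that is not defined anywhere in the visible man page text; the init entry calls the same location *path*, so say what $KEYRING_FOLDER refers to or reuse that term. The moved "options" entry also carries over the typo "miscelaneous", which can be fixed as part of the move.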