aboutsummaryrefslogtreecommitdiff
path: root/README
diff options
context:
space:
mode:
Diffstat (limited to 'README')
-rw-r--r--README22
1 files changed, 16 insertions, 6 deletions
diff --git a/README b/README
index c9a4741..a43d873 100644
--- a/README
+++ b/README
@@ -60,28 +60,39 @@ Your next step is tell keyringer the GPG key ids to encrypt files to:
keyringer <keyring> recipients edit
keyringer <keyring> recipients ls
-Encrypting a key
+Managing keys
----------------
+Each key has a corresponding file in your keys subdirectory.
+
+keyringer is agnostic about how you store your secrets. You may choose to have
+one key file that contains one line for each secret, e.g. a single file called
+secrets with lines such as:
+
+emma : root : secret1
+emma - /dev/hda : : secret2
+
+Or you may also have a different key file for each secret, e.g. a file called
+emma.root that contains the root passphrase for the server named emma and
+another called emma.hda with the passphrase to decrypt /dev/hda on emma.
+
+Encrypting a key
+
keyringer <keyring> encrypt <file>
Decrypting a key (only to stdout)
----------------------------------
keyringer <keyring> decrypt <file>
Re-encrypting a key
--------------------
keyringer <keyring> recrypt <file>
Appending information to a key
-------------------------------
keyringer <keyring> append <file>
Editing a key
--------------
To edit a key, use
@@ -91,7 +102,6 @@ Use this option with caution as it keeps temporary unencrypted data into keyring
temp folder and at your $EDITOR temp files.
Listing keys
-------------
keyringer <keyring> ls [arguments]