aboutsummaryrefslogtreecommitdiff
path: root/share/man
diff options
context:
space:
mode:
Diffstat (limited to 'share/man')
-rw-r--r--share/man/keyringer.118
-rw-r--r--share/man/keyringer.1.mdwn49
2 files changed, 48 insertions, 19 deletions
diff --git a/share/man/keyringer.1 b/share/man/keyringer.1
index f460cbf..95c236d 100644
--- a/share/man/keyringer.1
+++ b/share/man/keyringer.1
@@ -62,6 +62,11 @@ applied in the keyring repository.
.RS
.RE
.TP
+.B commit [\f[I]arguments\f[]]
+Alias to "git commit".
+.RS
+.RE
+.TP
.B ls <\f[I]path\f[]>
List contents from the toplevel repository \f[I]keys\f[] folder or from
relative paths if \f[I]path\f[] is specified.
@@ -169,6 +174,10 @@ Edit a secret by temporarily decrypting it, opening the decrypted copy
into the text editor defined by the \f[I]$EDITOR\f[] environment
variable and then re-encrypting it.
.RS
+.PP
+Please make sure to use an
+\f[I]\f[I]E\f[]\f[I]D\f[]\f[I]I\f[]\f[I]T\f[]\f[I]O\f[]\f[I]R\f[] * \f[I]w\f[]\f[I]h\f[]\f[I]i\f[]\f[I]c\f[]\f[I]h\f[]\f[I]d\f[]\f[I]o\f[]\f[I]e\f[]\f[I]s\f[]\f[I]n\f[]\f[I]o\f[]\f[I]t\f[]\f[I]l\f[]\f[I]e\f[]\f[I]a\f[]\f[I]k\f[]\f[I]d\f[]\f[I]a\f[]\f[I]t\f[]\f[I]a\f[]\f[I]l\f[]\f[I]i\f[]\f[I]k\f[]\f[I]e\f[]\f[I]h\f[]\f[I]i\f[]\f[I]s\f[]\f[I]t\f[]\f[I]o\f[]\f[I]r\f[]\f[I]y\f[]\f[I]b\f[]\f[I]u\f[]\f[I]f\f[]\f[I]f\f[]\f[I]e\f[]\f[I]r\f[]\f[I]s\f[]. \f[I]K\f[]\f[I]e\f[]\f[I]y\f[]\f[I]r\f[]\f[I]i\f[]\f[I]n\f[]\f[I]g\f[]\f[I]e\f[]\f[I]r\f[]\f[I]t\f[]\f[I]r\f[]\f[I]i\f[]\f[I]e\f[]\f[I]s\f[]\f[I]t\f[]\f[I]o\f[]\f[I]d\f[]\f[I]e\f[]\f[I]t\f[]\f[I]e\f[]\f[I]c\f[]\f[I]t\f[]\f[I]i\f[]\f[I]f\f[] * EDITOR\f[]
+is set to VIM and disables the \f[I]\&.viminfo\f[] file.
.RE
.TP
.B encrypt <\f[I]secret\f[]> [\f[I]file\f[]]
@@ -329,7 +338,10 @@ keyringer repository can discover all public key IDs used for
encryption, and which secrets are encrypted to which keys.
This can be improved in the future by encrypting the repository
configuration with support for the \f[I]\-\-hidden-recipient\f[] GnuPG
-option.
+option and encrypted repository options.
+.PP
+To mitigate that, it\[aq]s possible to keep the repo just atop of an
+encrypted and non-public place.
.IP "2." 3
History is not rewritten by default when secrets are removed from a
keyringer repository.
@@ -354,6 +366,10 @@ knowledge of the previous secret.
Users wishing to edit their repository history should proceed manually
using the \f[I]git\f[] action.
.RE
+.IP "3." 3
+Keyringer does not protect data which were not encrypted to a keyring,
+so be careful when decrypting secrets and writing them to the disk or
+other storage media.
.SH SEE ALSO
.PP
The \f[I]README\f[] file distributed with Keyringer contains full
diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn
index adbaaa2..407baaa 100644
--- a/share/man/keyringer.1.mdwn
+++ b/share/man/keyringer.1.mdwn
@@ -57,6 +57,9 @@ git <*action*> <*options*>
: Git wrapper that operates from the toplevel keyring repository. You can issue any
*GIT(1)* subcommand with this action to have it applied in the keyring repository.
+commit [*arguments*]
+: Alias to "git commit".
+
ls <*path*>
: List contents from the toplevel repository *keys* folder or from relative paths
if *path* is specified. Like the git wrapper, this is a wrapper around the *LS(1)*
@@ -129,9 +132,12 @@ mv <*secret*> <*dest*>
: Rename a secret.
edit <*secret*>
-: Edit a secret by temporarily decrypting it, opening the decrypted copy into the
+: Edit a secret by temporarily decrypting it, opening the decrypted copy into the
text editor defined by the *$EDITOR* environment variable and then re-encrypting it.
+ Please make sure to use an *$EDITOR* which does not leak data like history buffers.
+ Keyringer tries to detect if *$EDITOR* is set to VIM and disables the *.viminfo* file.
+
encrypt <*secret*> [*file*]
: Encrypts content from standard input or *file* into *secret* pathname. No spaces
are supported in the *secret* name. If *file* is actually a folder, keyringer
@@ -245,31 +251,38 @@ $KEYRING_FOLDER/config/options
Keyringer currently has the following limitations:
1. Metadata is not encrypted, meaning that an attacker with access to a keyringer
- repository can discover all public key IDs used for encryption, and which secrets
- are encrypted to which keys. This can be improved in the future by encrypting
- the repository configuration with support for the *--hidden-recipient* GnuPG
- option.
+ repository can discover all public key IDs used for encryption, and which secrets
+ are encrypted to which keys. This can be improved in the future by encrypting
+ the repository configuration with support for the *--hidden-recipient* GnuPG
+ option and encrypted repository options.
+
+ To mitigate that, it's possible to keep the repo just atop of an encrypted and
+ non-public place.
2. History is not rewritten by default when secrets are removed from a keyringer
- repository. After a secret is removed with the *del* action, it will still be
- available in the repository history even after a commit. This is by design
- for the following reasons:
+ repository. After a secret is removed with the *del* action, it will still be
+ available in the repository history even after a commit. This is by design
+ for the following reasons:
- It's the default behavior of the Git content tracker. Forcing the
- deletion by default could break the expected behavior and hence limit
- the repository's backup features, which can be helpful if someone
- mistakenly overwrites a secret.
+ deletion by default could break the expected behavior and hence limit
+ the repository's backup features, which can be helpful if someone
+ mistakenly overwrites a secret.
- History rewriting cannot be considered a security measure against the
- unauthorized access to a secret as it doesn't automatically update all
- working copies of the repository.
+ unauthorized access to a secret as it doesn't automatically update all
+ working copies of the repository.
+
+ In the case that the secret is a passphrase, the recommended measure
+ against such attacks is to change the passphrase, making useless the
+ knowledge of the previous secret.
- In the case that the secret is a passphrase, the recommended measure
- against such attacks is to change the passphrase, making useless the
- knowledge of the previous secret.
+ Users wishing to edit their repository history should proceed manually
+ using the *git* action.
- Users wishing to edit their repository history should proceed manually
- using the *git* action.
+3. Keyringer does not protect data which were not encrypted to a keyring,
+ so be careful when decrypting secrets and writing them to the disk or
+ other storage media.
# SEE ALSO