From 869c94126999d8291cbb936edb2790693bfb63a4 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Fri, 29 Mar 2013 13:23:29 -0300 Subject: Adding index page --- index.mdwn | 1 + 1 file changed, 1 insertion(+) create mode 120000 index.mdwn (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn new file mode 120000 index 0000000..100b938 --- /dev/null +++ b/index.mdwn @@ -0,0 +1 @@ +README \ No newline at end of file -- cgit v1.2.3 From 94dbae38c91dd2e2817d06921b347bf486805397 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Fri, 29 Mar 2013 14:46:03 -0300 Subject: Moving README to index and vice-versa --- README | 223 ------------------------------------------------------------ index.mdwn | 224 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 223 insertions(+), 224 deletions(-) delete mode 100644 README mode change 120000 => 100644 index.mdwn (limited to 'index.mdwn') diff --git a/README b/README deleted file mode 100644 index 0f77dc2..0000000 --- a/README +++ /dev/null 
@@ -1,223 +0,0 @@ -Keyringer -========= - -Keyringer lets you manage and share secrets using GPG and git in a distributed -fashion. It has custom commands to encrypt, decrypt, recrypt, create key pairs, -etc. - -Homepage: https://keyringer.sarava.org - -Requirements ------------- - -Keyringer needs: - - - Bash - http://tiswww.case.edu/php/chet/bash/bashtop.html - - Git - http://git-scm.com - - GNU Privacy Guard - http://gnupg.org - - Grep, awk, tail, cut, sed and other GNU tools - -Optional dependencies if you want to manage ssl keys: - - - OpenSSL - http://www.openssl.org - -Installation ------------- - -Just clone - - git clone git://git.sarava.org/keyringer.git - -And then leave it somewhere, optionally adding it to your $PATH environment variable. -You can also package it to your preferred distro. - -Creating a keyringer repository -------------------------------- - -The first step is to setup a keyring. - -Keyringer supports management of multiple isolated keyrings. To start -a new keyring (or register an existing one with your config file), -run: - - keyringer init [remote] - -This will - - 1. Add an entry at $HOME/.keyringer/config aliasing 'keyring' to 'path'. - 2. Initialize a git repository if needed. - -For example, - - keyringer friends init $HOME/keyrings/friends - -will create an alias "friends" pointing to $HOME/keyrings/friends. Call all -other keyring actions using this alias. - -If there is an existing remote keyring git repository and you just -want to checkout it, use - - keyringer friends init $HOME/keyrings/friends - -Managing recipients -------------------- - -Your next step is tell keyringer the GPG key ids to encrypt files to: - - keyringer recipients edit [recipient-name] - keyringer recipients ls - -Keyringer support multiple recipients in a per-folder style. Try it by -creating a sample keyringer - - keyringer recipients edit closest-friends - -Fill it with your friends key IDs. 
Now encrypt a secret just for then: - - keyringer encrypt closest-friends/secret - -In other words, if keyringer finds a recipient file matching a given path, -it will use it instead of the global recipients file. - -Managing keys ----------------- - -Each key has a corresponding file in your keys subdirectory. - -keyringer is agnostic about how you store your secrets. You may choose to have -one key file that contains one line for each secret, e.g. a single file called -secrets with lines such as: - -emma : root : secret1 -emma - /dev/hda : : secret2 - -Or you may also have a different key file for each secret, e.g. a file called -emma.root that contains the root passphrase for the server named emma and -another called emma.hda with the passphrase to decrypt /dev/hda on emma. - -Encrypting a key - - keyringer encrypt - -Decrypting a key (only to stdout) - - keyringer decrypt - -Re-encrypting a key or the whole repository - - keyringer recrypt [file] - -Appending information to a key - - keyringer append - -Editing a key - -To edit a key, use - - keyringer edit - -Use this option with caution as it keeps temporary unencrypted data -into keyringer temp folder and at your editor's temp files. - -Listing keys - - keyringer ls [arguments] - -Git wrapper ------------ - -Keyringer comes with a simple git wrapper to ease common management tasks: - - keyringer git remote add keyringer - keyringer git push keyringer master - keyringer git pull - -Configuration files, preferences and options --------------------------------------------- - - 1. Main config file: $HOME/.keyringer/config: store the location of - each keyring. - - 2. User preferences per keyring: $HOME/.keyringer/: managed by - "keyringer preferences". - - 3. Custom keyring options: $KEYRING_FOLDER/config/options: managed by - "keyringer options". 
- -Using a non-default OpenPGP key -------------------------------- - -If you want to use a different key other than your default for a given -keyringer, use - - keyringer preferences add KEYID=FINGERPRINT - -Notes ------ - - 1. The is any file inside the keys/ folder of your - keyring directory. - - 2. Never decrypt a key and write it to the disk, except - if you're adding it to your personall keyring. - - 3. Recipients are defined at file config/recipients. - Please add just trustable recipients. - -Concepts --------- - -Basic idea is: - - - Encrypt stuff with ppl's gpg pubkeys and push the output - in a git repo. - - - Let ppl keep it in sync with the repo and the keys are - shared :) - -For "key" it's meant anything as the script work with stdin and output things to -files, so it can be passphrases, private keys or other kind of info. - -It's possible to share keys using an encrypted mailing list, but the main -difficulty is to track the message where the keys are. - -With theses scripts, the workflow is more or less like this: - - - You have a git repo for secret keys. - - - You run the "encrypt" command and paste your private key to this - command (so no plaintext disk write). - - - The encrypt command writes an encrypted file to the repo. - - - You manually add it to git and push it to remote repositories. - - - Optionally, other ppl pulls the changes but they dont need to - decrypt anything until they need to use the keys. - -So it's just gpg-encrypted data atop of a git repository (one can think of a -kind of distributed encrypted filesystem). - -Git was chosen to host encrypted info mostly for two reasos: easy to distribute -and its the only VCS known to make easier repository history manipulation. 
- -One possible drawback: the repo has pubkey information attached, which can be -linked to real ppl (and then disclose the information about who has access to a -given key), but it's possible to: - - - Keep the repo just atop of an encrypted and non-public place. - - - Or to consider an integration with gpg's --hidden-recipient option. - -Notes: Using with GNU Privacy Guard ------------------------------------ - -Exporting public keys: - - gpg --armor --export - -Exporting private keys (take care): - - gpg --armor --export-secret-keys - diff --git a/index.mdwn b/index.mdwn deleted file mode 120000 index 100b938..0000000 --- a/index.mdwn +++ /dev/null @@ -1 +0,0 @@ -README \ No newline at end of file diff --git a/index.mdwn b/index.mdwn new file mode 100644 index 0000000..0f77dc2 --- /dev/null +++ b/index.mdwn 
@@ -0,0 +1,223 @@ +Keyringer +========= + +Keyringer lets you manage and share secrets using GPG and git in a distributed +fashion. It has custom commands to encrypt, decrypt, recrypt, create key pairs, +etc. + +Homepage: https://keyringer.sarava.org + +Requirements +------------ + +Keyringer needs: + + - Bash - http://tiswww.case.edu/php/chet/bash/bashtop.html + - Git - http://git-scm.com + - GNU Privacy Guard - http://gnupg.org + - Grep, awk, tail, cut, sed and other GNU tools + +Optional dependencies if you want to manage ssl keys: + + - OpenSSL - http://www.openssl.org + +Installation +------------ + +Just clone + + git clone git://git.sarava.org/keyringer.git + +And then leave it somewhere, optionally adding it to your $PATH environment variable. +You can also package it to your preferred distro. + +Creating a keyringer repository +------------------------------- + +The first step is to setup a keyring. + +Keyringer supports management of multiple isolated keyrings. To start +a new keyring (or register an existing one with your config file), +run: + + keyringer init [remote] + +This will + + 1. Add an entry at $HOME/.keyringer/config aliasing 'keyring' to 'path'. + 2. Initialize a git repository if needed. + +For example, + + keyringer friends init $HOME/keyrings/friends + +will create an alias "friends" pointing to $HOME/keyrings/friends. Call all +other keyring actions using this alias. + +If there is an existing remote keyring git repository and you just +want to checkout it, use + + keyringer friends init $HOME/keyrings/friends + +Managing recipients +------------------- + +Your next step is tell keyringer the GPG key ids to encrypt files to: + + keyringer recipients edit [recipient-name] + keyringer recipients ls + +Keyringer support multiple recipients in a per-folder style. Try it by +creating a sample keyringer + + keyringer recipients edit closest-friends + +Fill it with your friends key IDs. 
Now encrypt a secret just for then: + + keyringer encrypt closest-friends/secret + +In other words, if keyringer finds a recipient file matching a given path, +it will use it instead of the global recipients file. + +Managing keys +---------------- + +Each key has a corresponding file in your keys subdirectory. + +keyringer is agnostic about how you store your secrets. You may choose to have +one key file that contains one line for each secret, e.g. a single file called +secrets with lines such as: + +emma : root : secret1 +emma - /dev/hda : : secret2 + +Or you may also have a different key file for each secret, e.g. a file called +emma.root that contains the root passphrase for the server named emma and +another called emma.hda with the passphrase to decrypt /dev/hda on emma. + +Encrypting a key + + keyringer encrypt + +Decrypting a key (only to stdout) + + keyringer decrypt + +Re-encrypting a key or the whole repository + + keyringer recrypt [file] + +Appending information to a key + + keyringer append + +Editing a key + +To edit a key, use + + keyringer edit + +Use this option with caution as it keeps temporary unencrypted data +into keyringer temp folder and at your editor's temp files. + +Listing keys + + keyringer ls [arguments] + +Git wrapper +----------- + +Keyringer comes with a simple git wrapper to ease common management tasks: + + keyringer git remote add keyringer + keyringer git push keyringer master + keyringer git pull + +Configuration files, preferences and options +-------------------------------------------- + + 1. Main config file: $HOME/.keyringer/config: store the location of + each keyring. + + 2. User preferences per keyring: $HOME/.keyringer/: managed by + "keyringer preferences". + + 3. Custom keyring options: $KEYRING_FOLDER/config/options: managed by + "keyringer options". 
+ +Using a non-default OpenPGP key +------------------------------- + +If you want to use a different key other than your default for a given +keyringer, use + + keyringer preferences add KEYID=FINGERPRINT + +Notes +----- + + 1. The is any file inside the keys/ folder of your + keyring directory. + + 2. Never decrypt a key and write it to the disk, except + if you're adding it to your personall keyring. + + 3. Recipients are defined at file config/recipients. + Please add just trustable recipients. + +Concepts +-------- + +Basic idea is: + + - Encrypt stuff with ppl's gpg pubkeys and push the output + in a git repo. + + - Let ppl keep it in sync with the repo and the keys are + shared :) + +For "key" it's meant anything as the script work with stdin and output things to +files, so it can be passphrases, private keys or other kind of info. + +It's possible to share keys using an encrypted mailing list, but the main +difficulty is to track the message where the keys are. + +With theses scripts, the workflow is more or less like this: + + - You have a git repo for secret keys. + + - You run the "encrypt" command and paste your private key to this + command (so no plaintext disk write). + + - The encrypt command writes an encrypted file to the repo. + + - You manually add it to git and push it to remote repositories. + + - Optionally, other ppl pulls the changes but they dont need to + decrypt anything until they need to use the keys. + +So it's just gpg-encrypted data atop of a git repository (one can think of a +kind of distributed encrypted filesystem). + +Git was chosen to host encrypted info mostly for two reasos: easy to distribute +and its the only VCS known to make easier repository history manipulation. 
+ +One possible drawback: the repo has pubkey information attached, which can be +linked to real ppl (and then disclose the information about who has access to a +given key), but it's possible to: + + - Keep the repo just atop of an encrypted and non-public place. + + - Or to consider an integration with gpg's --hidden-recipient option. + +Notes: Using with GNU Privacy Guard +----------------------------------- + +Exporting public keys: + + gpg --armor --export + +Exporting private keys (take care): + + gpg --armor --export-secret-keys + -- cgit v1.2.3 From 7711eb396480df0ef0bc8a7c7edd59cbb6c7c6bf Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Fri, 29 Mar 2013 15:01:04 -0300 Subject: Project page and issue tracker --- index.mdwn | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index 0f77dc2..39bf5a9 100644 --- a/index.mdwn +++ b/index.mdwn @@ -5,7 +5,8 @@ Keyringer lets you manage and share secrets using GPG and git in a distributed fashion. It has custom commands to encrypt, decrypt, recrypt, create key pairs, etc. -Homepage: https://keyringer.sarava.org +- Project page: [https://keyringer.sarava.org](https://keyringer.sarava.org). +- Issue tracker: [https://keyringer.sarava.org/trac](https://keyringer.sarava.org/trac). Requirements ------------ -- cgit v1.2.3 From 94eaede8759dd37d2fd234bb210b0a9336976aa4 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Mon, 1 Apr 2013 16:10:07 -0300 Subject: Be more explicit about preferences syntax by providing an example --- index.mdwn | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index 39bf5a9..944d459 100644 --- a/index.mdwn +++ b/index.mdwn 
@@ -152,7 +152,11 @@ Using a non-default OpenPGP key If you want to use a different key other than your default for a given keyringer, use - keyringer preferences add KEYID=FINGERPRINT + keyringer preferences add KEYID= + +Example: + + keyringer preferences add KEYID=0123456789ABCDEF0123456789ABCDE012345678 Notes ----- -- cgit v1.2.3 From 6f8c8d6d3bd41ecc5ba2a4b1b3898488cd0ad445 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Tue, 2 Apr 2013 10:45:16 -0300 Subject: Markdown fix --- index.mdwn | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index 944d459..29b79d9 100644 --- a/index.mdwn +++ b/index.mdwn @@ -89,8 +89,8 @@ keyringer is agnostic about how you store your secrets. You may choose to have one key file that contains one line for each secret, e.g. a single file called secrets with lines such as: -emma : root : secret1 -emma - /dev/hda : : secret2 + emma : root : secret1 + emma - /dev/hda : : secret2 Or you may also have a different key file for each secret, e.g. a file called emma.root that contains the root passphrase for the server named emma and -- cgit v1.2.3 From 01f71b2a5a554a3d034c2c2fc082bcc56fc78298 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 4 Apr 2013 13:10:17 -0300 Subject: Doc tidying --- index.mdwn | 23 ++++++----------------- 1 file changed, 6 insertions(+), 17 deletions(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index 29b79d9..3b8e5c3 100644 --- a/index.mdwn +++ b/index.mdwn 
@@ -5,22 +5,22 @@ Keyringer lets you manage and share secrets using GPG and git in a distributed fashion. It has custom commands to encrypt, decrypt, recrypt, create key pairs, etc. -- Project page: [https://keyringer.sarava.org](https://keyringer.sarava.org). -- Issue tracker: [https://keyringer.sarava.org/trac](https://keyringer.sarava.org/trac). +- Project page: [https://keyringer.sarava.org](https://keyringer.sarava.org) +- Issue tracker: [https://keyringer.sarava.org/trac](https://keyringer.sarava.org/trac) Requirements ------------ Keyringer needs: - - Bash - http://tiswww.case.edu/php/chet/bash/bashtop.html - - Git - http://git-scm.com - - GNU Privacy Guard - http://gnupg.org + - [Bash](http://tiswww.case.edu/php/chet/bash/bashtop.html) + - [Git](http://git-scm.com) + - [GNU](Privacy Guard - http://gnupg.org) - Grep, awk, tail, cut, sed and other GNU tools Optional dependencies if you want to manage ssl keys: - - OpenSSL - http://www.openssl.org + - [OpenSSL](http://www.openssl.org) Installation ------------ @@ -215,14 +215,3 @@ given key), but it's possible to: - Or to consider an integration with gpg's --hidden-recipient option. -Notes: Using with GNU Privacy Guard ------------------------------------ - -Exporting public keys: - - gpg --armor --export - -Exporting private keys (take care): - - gpg --armor --export-secret-keys - -- cgit v1.2.3 From 6e7fdfee72fc9574af8e8aca1a69c4af3f039fc9 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 4 Apr 2013 13:12:46 -0300 Subject: More tidying --- index.mdwn | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index 3b8e5c3..a91d9cf 100644 --- a/index.mdwn +++ b/index.mdwn 
@@ -45,14 +45,14 @@ run: This will - 1. Add an entry at $HOME/.keyringer/config aliasing 'keyring' to 'path'. + 1. Add an entry at `$HOME/.keyringer/config` aliasing 'keyring' to 'path'. 2. Initialize a git repository if needed. For example, keyringer friends init $HOME/keyrings/friends -will create an alias "friends" pointing to $HOME/keyrings/friends. Call all +will create an alias "friends" pointing to `$HOME/keyrings/friends`. Call all other keyring actions using this alias. If there is an existing remote keyring git repository and you just @@ -137,13 +137,13 @@ Keyringer comes with a simple git wrapper to ease common management tasks: Configuration files, preferences and options -------------------------------------------- - 1. Main config file: $HOME/.keyringer/config: store the location of + 1. Main config file: `$HOME/.keyringer/config`: store the location of each keyring. - 2. User preferences per keyring: $HOME/.keyringer/: managed by + 2. User preferences per keyring: `$HOME/.keyringer/`: managed by "keyringer preferences". - 3. Custom keyring options: $KEYRING_FOLDER/config/options: managed by + 3. Custom keyring options: `$KEYRING_FOLDER/config/options`: managed by "keyringer options". Using a non-default OpenPGP key @@ -161,7 +161,7 @@ Example: Notes ----- - 1. The is any file inside the keys/ folder of your + 1. The `` is any file inside the `keys/` folder of your keyring directory. 2. Never decrypt a key and write it to the disk, except -- cgit v1.2.3 From a38ece335d6e953d4782ec545ebfb17835626a8f Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Tue, 7 May 2013 21:50:52 -0300 Subject: Formatting --- index.mdwn | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index a91d9cf..010d7cd 100644 --- a/index.mdwn +++ b/index.mdwn 
@@ -175,11 +175,9 @@ Concepts Basic idea is: - - Encrypt stuff with ppl's gpg pubkeys and push the output - in a git repo. + - Encrypt stuff with ppl's gpg pubkeys and push the output in a git repo. - - Let ppl keep it in sync with the repo and the keys are - shared :) + - Let ppl keep it in sync with the repo and the keys are shared :) For "key" it's meant anything as the script work with stdin and output things to files, so it can be passphrases, private keys or other kind of info. -- cgit v1.2.3 From aca6e6bbfab163e8001c0909d34107d5c15711f5 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Tue, 7 May 2013 21:51:48 -0300 Subject: Page title --- index.mdwn | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index 010d7cd..7ba5604 100644 --- a/index.mdwn +++ b/index.mdwn @@ -1,5 +1,4 @@ -Keyringer -========= +[[!meta title="Keyringer: encrypted and distributed secret sharing software"]] Keyringer lets you manage and share secrets using GPG and git in a distributed fashion. It has custom commands to encrypt, decrypt, recrypt, create key pairs, -- cgit v1.2.3 From a0ca9733ade4233bfe780556825f9f6524c270ae Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Tue, 7 May 2013 21:53:24 -0300 Subject: Minor doc update --- index.mdwn | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index 7ba5604..b6684a3 100644 --- a/index.mdwn +++ b/index.mdwn @@ -166,8 +166,8 @@ Notes 2. Never decrypt a key and write it to the disk, except if you're adding it to your personall keyring. - 3. Recipients are defined at file config/recipients. - Please add just trustable recipients. + 3. Recipients are defined at file `config/recipients`. + Take care to add just trustable recipients. Concepts -------- -- cgit v1.2.3 From 9930aff7a59600f7ecf2bdf4d61588eeaa508098 Mon Sep 17 00:00:00 2001 
From: Silvio Rhatto Date: Tue, 7 May 2013 21:56:25 -0300 Subject: Misc doc updates --- index.mdwn | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index b6684a3..e677177 100644 --- a/index.mdwn +++ b/index.mdwn @@ -1,8 +1,7 @@ [[!meta title="Keyringer: encrypted and distributed secret sharing software"]] -Keyringer lets you manage and share secrets using GPG and git in a distributed -fashion. It has custom commands to encrypt, decrypt, recrypt, create key pairs, -etc. +Keyringer lets you manage and share secrets using GPG and git with custom +commands to encrypt, decrypt, recrypt, create key pairs, etc. - Project page: [https://keyringer.sarava.org](https://keyringer.sarava.org) - Issue tracker: [https://keyringer.sarava.org/trac](https://keyringer.sarava.org/trac) @@ -28,8 +27,8 @@ Just clone git clone git://git.sarava.org/keyringer.git -And then leave it somewhere, optionally adding it to your $PATH environment variable. -You can also package it to your preferred distro. +And then leave it somewhere, optionally adding it to your `$PATH` environment variable +or package it to your preferred distro. Creating a keyringer repository ------------------------------- @@ -37,8 +36,7 @@ Creating a keyringer repository The first step is to setup a keyring. Keyringer supports management of multiple isolated keyrings. To start -a new keyring (or register an existing one with your config file), -run: +a new keyring (or register an existing one with your config file), run: keyringer init [remote] 
@@ -51,8 +49,8 @@ For example, keyringer friends init $HOME/keyrings/friends -will create an alias "friends" pointing to `$HOME/keyrings/friends`. Call all -other keyring actions using this alias. +will create an alias "friends" pointing to `$HOME/keyrings/friends`. All +other keyring actions should be called using this alias. If there is an existing remote keyring git repository and you just want to checkout it, use -- cgit v1.2.3 From 5d10ea9dba8559c94971a5461d2286529c4bf10d Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 9 May 2013 22:57:51 -0300 Subject: Adding contact info --- index.mdwn | 1 + 1 file changed, 1 insertion(+) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index e677177..ce92532 100644 --- a/index.mdwn +++ b/index.mdwn @@ -5,6 +5,7 @@ commands to encrypt, decrypt, recrypt, create key pairs, etc. - Project page: [https://keyringer.sarava.org](https://keyringer.sarava.org) - Issue tracker: [https://keyringer.sarava.org/trac](https://keyringer.sarava.org/trac) +- Contact: rhatto at riseup.net Requirements ------------ -- cgit v1.2.3 From cf01cc3e9766fc2a8b7a594c9dd5358508b1f78f Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 4 Jul 2013 20:01:55 -0300 Subject: Moving requirements to the end --- index.mdwn | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index ce92532..2e5aa58 100644 --- a/index.mdwn +++ b/index.mdwn 
@@ -7,20 +7,6 @@ commands to encrypt, decrypt, recrypt, create key pairs, etc. - Issue tracker: [https://keyringer.sarava.org/trac](https://keyringer.sarava.org/trac) - Contact: rhatto at riseup.net -Requirements ------------- - -Keyringer needs: - - - [Bash](http://tiswww.case.edu/php/chet/bash/bashtop.html) - - [Git](http://git-scm.com) - - [GNU](Privacy Guard - http://gnupg.org) - - Grep, awk, tail, cut, sed and other GNU tools - -Optional dependencies if you want to manage ssl keys: - - - [OpenSSL](http://www.openssl.org) - Installation ------------ @@ -211,3 +197,17 @@ given key), but it's possible to: - Or to consider an integration with gpg's --hidden-recipient option. +Requirements +------------ + +Keyringer needs: + + - [Bash](http://tiswww.case.edu/php/chet/bash/bashtop.html) + - [Git](http://git-scm.com) + - [GNU](Privacy Guard - http://gnupg.org) + - Grep, awk, tail, cut, sed and other GNU tools + +Optional dependencies if you want to manage ssl keys: + + - [OpenSSL](http://www.openssl.org) + -- cgit v1.2.3 From dce3fe0e929329416898fab7584d0f169518dc88 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 4 Jul 2013 20:04:17 -0300 Subject: New contacts --- index.mdwn | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index 2e5aa58..6c2557c 100644 --- a/index.mdwn +++ b/index.mdwn @@ -3,9 +3,9 @@ Keyringer lets you manage and share secrets using GPG and git with custom commands to encrypt, decrypt, recrypt, create key pairs, etc. -- Project page: [https://keyringer.sarava.org](https://keyringer.sarava.org) -- Issue tracker: [https://keyringer.sarava.org/trac](https://keyringer.sarava.org/trac) -- Contact: rhatto at riseup.net +- Project page: [https://keyringer.pw](https://keyringer.pw) +- Issue tracker: [https://keyringer.pw/trac](https://keyringer.pw/trac) +- Contact: rhatto at keyringer.pw Installation ------------ -- cgit v1.2.3 
From 50e14d3d46f880519a6b258528c65ccd2caf02cc Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 4 Jul 2013 20:14:55 -0300 Subject: Tor hidden service --- index.mdwn | 1 + 1 file changed, 1 insertion(+) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index 6c2557c..a9beecf 100644 --- a/index.mdwn +++ b/index.mdwn @@ -5,6 +5,7 @@ commands to encrypt, decrypt, recrypt, create key pairs, etc. - Project page: [https://keyringer.pw](https://keyringer.pw) - Issue tracker: [https://keyringer.pw/trac](https://keyringer.pw/trac) +- Tor hidden service: [http://y6ntvl5bzs3c7ffa.onion](http://y6ntvl5bzs3c7ffa.onion) - Contact: rhatto at keyringer.pw Installation -- cgit v1.2.3 From 5ceceaffb35560b30f33a06b08a6622a2266c0d3 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sat, 17 Aug 2013 14:19:59 -0300 Subject: Added support to encrypt from files --- index.mdwn | 4 ++++ share/keyringer/encrypt | 19 ++++++++++++++++--- share/man/keyringer.1.mdwn | 4 ++-- 3 files changed, 22 insertions(+), 5 deletions(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index a9beecf..9156fe9 100644 --- a/index.mdwn +++ b/index.mdwn @@ -85,6 +85,10 @@ Encrypting a key keyringer encrypt +Encrypting a key from a file + + keyringer encrypt + Decrypting a key (only to stdout) keyringer decrypt diff --git a/share/keyringer/encrypt b/share/keyringer/encrypt index 3680d0b..f35cdff 100755 --- a/share/keyringer/encrypt +++ b/share/keyringer/encrypt @@ -8,7 +8,18 @@ LIB="`dirname $0`/../../lib/keyringer/functions" source "$LIB" || exit 1 # Aditional parameters -keyringer_get_new_file "$2" +if [ ! -z "$3" ]; then + UNENCRYPTED_FILE="$2" + keyringer_get_new_file "$3" + + if [ ! -f "$UNENCRYPTED_FILE" ]; then + echo "Error: cannot encrypted $UNENCRYPTED_FILE: file not found." + exit 1 + fi +else + UNENCRYPTED_FILE="-" + keyringer_get_new_file "$2" +fi # Set recipients file keyringer_set_recipients "$FILE" 
@@ -18,10 +29,12 @@ mkdir -p "$KEYDIR/`dirname $FILE`" if [ "$BASENAME" == "encrypt" ]; then # Only display directions if we're running encrypt, not encrypt-batch - echo "Type your message and finish your input with EOF (Ctrl-D)." + if [ "$UNENCRYPTED_FILE" == "-" ]; then + echo "Type your message and finish your input with EOF (Ctrl-D)." + fi fi -$GPG --use-agent --armor -e -s $(keyringer_recipients "$RECIPIENTS_FILE") - > "$KEYDIR/$FILE" +$GPG --use-agent --armor -e -s $(keyringer_recipients "$RECIPIENTS_FILE") --yes --output "$KEYDIR/$FILE" $UNENCRYPTED_FILE err="$?" diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn index 23b8d85..14ae687 100644 --- a/share/man/keyringer.1.mdwn +++ b/share/man/keyringer.1.mdwn @@ -66,8 +66,8 @@ edit <*SECRET*> : Edits a secret by temporarily decrypting it, opening the decrypted copy into *$EDITOR* and then recrypting it again. -encrypt <*SECRET*> -: Encrypts content from standard input into *SECRET*. +encrypt [*file*] <*SECRET*> +: Encrypts content from standard input or *file* into *SECRET*. encrypt-batch <*SECRET*> : Encrypt content, batch mode. -- cgit v1.2.3 From c95bf5120b8e228948df3e5ae6efbbb18b7a468b Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sat, 17 Aug 2013 14:26:29 -0300 Subject: Disambiguate keys/secrets --- index.mdwn | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'index.mdwn') diff --git a/index.mdwn b/index.mdwn index 9156fe9..7ed01a6 100644 --- a/index.mdwn +++ b/index.mdwn 
@@ -65,52 +65,52 @@ Fill it with your friends key IDs. Now encrypt a secret just for then: In other words, if keyringer finds a recipient file matching a given path, it will use it instead of the global recipients file. -Managing keys +Managing secrets ---------------- -Each key has a corresponding file in your keys subdirectory. +Each secret has a corresponding file in your `keys` subdirectory. -keyringer is agnostic about how you store your secrets. You may choose to have -one key file that contains one line for each secret, e.g. a single file called +Keyringer is agnostic about how you store your secrets. You may choose to have +one encrypted file that contains one line for each secret, e.g. a single file called secrets with lines such as: emma : root : secret1 emma - /dev/hda : : secret2 -Or you may also have a different key file for each secret, e.g. a file called +Or you may also have a different encrypted file for each secret, e.g. a file called emma.root that contains the root passphrase for the server named emma and another called emma.hda with the passphrase to decrypt /dev/hda on emma. -Encrypting a key +Encrypting a secret keyringer encrypt -Encrypting a key from a file +Encrypting a secret from a file keyringer encrypt -Decrypting a key (only to stdout) +Decrypting a secret (only to stdout) keyringer decrypt -Re-encrypting a key or the whole repository +Re-encrypting a secret or the whole repository keyringer recrypt [file] -Appending information to a key +Appending information to a secret keyringer append -Editing a key +Editing a secret -To edit a key, use +To edit a secret, use keyringer edit Use this option with caution as it keeps temporary unencrypted data into keyringer temp folder and at your editor's temp files. -Listing keys +Listing secrets keyringer ls [arguments] -- cgit v1.2.3
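Review bot: In "Moving README to index and vice-versa", the README hunk removes the file outright (`delete mode 100644 README`) and nothing in the diffstat recreates it, so the "vice-versa" in the subject does not match the change. Either add a `README` symlink pointing at `index.mdwn` in the same commit, or reword the subject to say the README content now lives only in `index.mdwn`; a checkout without a README is a surprise for anyone cloning the repository directly.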
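Review bot: In the same commit, the new `index.mdwn` hunk (`@@ -0,0 +1,223 @@`) re-adds the text with its typos intact: "just for then" (them), "personall keyring", "With theses scripts" and "two reasos". Since every line is being added again anyway, this is the cheapest place to correct them; none of the later tidying commits in this series touches those lines.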
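Review bot: In "Doc tidying", first hunk of `index.mdwn` (`@@ -5,22 +5,22 @@`), the converted GnuPG entry is a malformed link: `[GNU](Privacy Guard - http://gnupg.org)` makes "GNU" the link text and "Privacy Guard - http://gnupg.org" the target. It should read `[GNU Privacy Guard](http://gnupg.org)`, matching the Bash, Git and OpenSSL entries beside it. The broken line is later moved unchanged by "Moving requirements to the end", so it is worth fixing here.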
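Review bot: In "Added support to encrypt from files", first hunk of `share/keyringer/encrypt` (`@@ -8,7 +8,18 @@`), the input file is validated only after `keyringer_get_new_file "$3"` has already run, so a mistyped source path still goes through destination handling before the script exits. Move the `[ ! -f "$UNENCRYPTED_FILE" ]` test above the `keyringer_get_new_file` call. The error text also reads "cannot encrypted $UNENCRYPTED_FILE"; it should be "cannot encrypt", and it would be better sent to stderr.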
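Review bot: In the second hunk of `share/keyringer/encrypt` (`@@ -18,10 +29,12 @@`), `$UNENCRYPTED_FILE` is unquoted at the end of the gpg command line, unlike `"$KEYDIR/$FILE"` just before it. A source path containing spaces is split into several arguments, and a name starting with a dash is read by gpg as an option. Quote it as `"$UNENCRYPTED_FILE"`, and for the file case consider normalising a relative name to `./name` so it cannot be taken for an option, while keeping the bare `-` for standard input.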
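Review bot: In the `index.mdwn` hunk of the same commit (`@@ -85,6 +85,10 @@`), the new "Encrypting a key from a file" entry is documented without any caveat, although the Notes section of this page says "Never decrypt a key and write it to the disk" and the Concepts section presents pasting into `encrypt` as the way to avoid a plaintext disk write. Encrypting from a file means the cleartext already sits on disk and stays there afterwards. Add a sentence here saying that the source file is left untouched and should be removed by the user, and that standard input remains the preferred path for material that has never been written out.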
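Review bot: In "Disambiguate keys/secrets" (`@@ -65,52 +65,52 @@`), the key-to-secret rename stops at the end of this one section, so the page now mixes both terms: the Notes list still says "Never decrypt a key and write it to the disk" and the Concepts section still explains what is meant by "key", while the storage directory is still named `keys`. Either carry the rename through Notes and Concepts in this commit, or add one sentence under "Managing secrets" stating that secrets live under `keys/` for historical reasons and that "key" elsewhere on the page means a secret, not an OpenPGP key. The hunk's leading context also still carries "just for then", which could be fixed at the same time.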