# Keyringer translation source
# Copyright (C) 2013 Keyringer Developers
# This file is distributed under the same license as the keyringer package.
# Silvio Rhatto <rhatto@riseup.net>, 2013.
#
msgid ""
msgstr ""
"Project-Id-Version: Keyringer\n"
"POT-Creation-Date: 2013-11-10 23:20-0100\n"
"PO-Revision-Date: 2013-11-10 23:20-0100\n"
"Last-Translator: Keyringer Developers <contact@keyringer.pw>\n"
"Language-Team: Keyringer Developers <contact@keyringer.pw>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"

#. type: Plain text
#: keyringer.1.mdwn:4
msgid ""
"% KEYRINGER(1) Keyringer User Manual % Silvio Rhatto <rhatto@riseup.net> % "
"Oct 25, 2013"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:6
msgid "# NAME"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:8
msgid "keyringer - encrypted and distributed secret sharing software"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:10
msgid "# SYNOPSIS"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:12
msgid "keyringer <*keyring*> <*action*> [*options*]..."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:14
msgid "# DESCRIPTION"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:17
msgid ""
"Keyringer lets you manage and share secrets using GnuPG and Git in a "
"distributed fashion."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:22
msgid ""
"It has custom commands to create key-pairs and to encrypt, decrypt and "
"re-encrypt secrets. It also supports encryption to multiple recipients and "
"groups of recipients, to allow a workgroup to share access to a single "
"repository while restricting some secrets to subsets of the group."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:25
msgid ""
"Secrets are encrypted using GPG and added to a Git tree so that they can be "
"synced with remote branches later."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:27
msgid "# ACTIONS"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:29
msgid "Keyringer has three types of actions:"
msgstr ""

#. type: Bullet: '1. '
#: keyringer.1.mdwn:32
msgid ""
"Repository lookup and manipulation actions, which handle repository "
"initialization, content tracking and navigation."
msgstr ""

#. type: Bullet: '2. '
#: keyringer.1.mdwn:35
msgid ""
"Secret manipulation actions, which take care of encrypting, decrypting and "
"other read/write operations on secrets."
msgstr ""

#. type: Bullet: '3. '
#: keyringer.1.mdwn:37
msgid "Configuration actions, handling repository metadata."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:39
msgid "# REPOSITORY LOOKUP AND MANIPULATION ACTIONS"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:43
#, no-wrap
msgid ""
"init <*path*> [*remote*]\n"
":   Initialize a new keyringer repository. If a *remote* URL is specified, "
"keyringer will\n"
"    clone an existing repository.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:46
#, no-wrap
msgid ""
"    After initialization, *path* will contain a folder structure for storing "
"secrets\n"
"    and metadata (user aka recipients, groups of recipients, etc).\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:49
#, no-wrap
msgid ""
"    Also, an entry will be added to `$HOME/.keyringer/config` allowing "
"keyringer to\n"
"    find the keyring by its alias.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:53
#, no-wrap
msgid ""
"git <*action*> <*options*>\n"
":   Git wrapper that operates from the toplevel keyring repository. You can "
"issue any\n"
"    *GIT(1)* subcommand with this action to have it applied in the keyring "
"repository.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:58
#, no-wrap
msgid ""
"ls <*path*>\n"
":   List contents from the toplevel repository *keys* folder or from "
"relative paths\n"
"    if *path* is specified. Like the git wrapper, this is a wrapper around "
"the *LS(1)*\n"
"    command.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:60
msgid "# SECRET MANIPULATION ACTIONS"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:63
msgid ""
"All secret manipulation actions operate upon a *secret* which is the "
"pathname of an encrypted file relative to the keyring with optional `.asc` "
"extension."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:66
msgid ""
"If the `.asc` extension is omitted, keyringer will add it at the end of the "
"pathname."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:68
msgid "No spaces are allowed in the secret name."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:72
msgid ""
"Secret manipulation actions do not commit changes into the secret "
"repository.  Instead, the user has to manually commit the changes using the "
"git wrapper action."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:76
#, no-wrap
msgid ""
"append <*secret*>\n"
":   Append contents into a secret by decrypting the secret, appending lines "
"read\n"
"    from the standard input and encrypting again.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:79
#, no-wrap
msgid ""
"append-batch <*secret*>\n"
":   Append contents into a secret, batch mode.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:82
#, no-wrap
msgid ""
"decrypt <*secret*>\n"
":   Decrypts a secret into standard output.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:86
#, no-wrap
msgid ""
"del <*secret*>\n"
":   Removes a secret using Git. After deleting a secret a git commit and "
"push is still\n"
"    needed to update remote repositories.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:90
#, no-wrap
msgid ""
"    Please note that this command **does not remove the secret from the Git "
"history.**\n"
"    To completely remove a file from a keyring, you should also rewrite the "
"Git\n"
"    history yourself.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:94
#, no-wrap
msgid ""
"edit <*secret*>\n"
":   Edit a secret by temporarily decrypting it, opening the decrypted copy "
"into the \n"
"    text editor defined by the *$EDITOR* environment variable and then "
"re-encrypting it.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:98
#, no-wrap
msgid ""
"encrypt <*secret*> [*file*]\n"
":   Encrypts content from standard input or *file* into *secret* "
"pathname. No spaces\n"
"    are supported in the *secret* name.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:101
#, no-wrap
msgid ""
"encrypt-batch <*secret*>\n"
":   Encrypt content, batch mode.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:104
#, no-wrap
msgid ""
"genpair <*ssh*|*gpg*|*ssl*|*ssl-self*> [*options*]\n"
":   Wrapper to generate encryption key-pairs, useful for automated key "
"deployment.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:108
#, no-wrap
msgid ""
"open <*secret*>\n"
":   Decrypt a secret into a temporary folder and open it using xdg-open, "
"which\n"
"    tries to figure out the file type and then calls the associated "
"application.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:111
#, no-wrap
msgid ""
"    After the application exits, keyringer encrypts the temporary decrypted "
"file\n"
"    again into the secret file and deletes the temporary file.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:116
#, no-wrap
msgid ""
"recrypt <*secret*>\n"
":   Re-encrypts a secret by decrypting it and encrypting it again. Useful "
"when users are added\n"
"    into the recipient configuration. If no *secret* is given, all secrets "
"in the repository\n"
"    are re-encrypted.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:118
msgid "# CONFIGURATION ACTIONS"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:121
#, no-wrap
msgid ""
"commands\n"
":   List available actions, useful for shell completion and syntax check.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:124
#, no-wrap
msgid ""
"options <*ls*|*edit*|*add*>\n"
":   List, edit or add miscellaneous *repository* options.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:128
#, no-wrap
msgid ""
"    Repository options are settings which are saved in the repository as a "
"*global*\n"
"    configuration stanza for a given keyring, shared by all users with "
"access to\n"
"    the repository.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:131
#, no-wrap
msgid ""
"    Options are written using the *KEY=VALUE* syntax. All lines starting "
"with the\n"
"    hash (#) character are interpreted as comments.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:134
#, no-wrap
msgid ""
"preferences <*ls*|*edit*|*add*>\n"
":   List, edit or add *user* preferences for a given repository.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:137
#, no-wrap
msgid ""
"    User preferences are settings which are saved in the user's keyringer "
"folder\n"
"    (`$HOME/.keyringer/`), and not shared with the other users.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:140
#, no-wrap
msgid ""
"    Preferences are written using the *KEY=VALUE* syntax. All lines starting "
"with the\n"
"    hash (#) character are interpreted as comments.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:143
#, no-wrap
msgid ""
"usage\n"
":   Show keyringer usage information.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:146
#, no-wrap
msgid ""
"recipients <*ls*|*edit*> <*recipients-file*>\n"
":   List, create or edit recipients configuration.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:149
#, no-wrap
msgid ""
"    Recipients files are lists of OpenPGP public key fingerprints which are "
"used\n"
"    by keyringer when encrypting secrets and associated with email "
"aliases.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:152
#, no-wrap
msgid ""
"    Keyringer uses a default recipients file, but specifying a custom "
"*recipients-file*\n"
"    pathname will override this default.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:158
#, no-wrap
msgid ""
"    For instance, if a user encrypts a secret to a file in the keyring "
"repository's\n"
"    *accounting* folder, a *recipients-file* under *accounting* will be "
"used.\n"
"    Encrypting a secret into *accounting/bank-accounts* will result in a "
"file\n"
"   `$KEYRING_FOLDER/keys/accounting/bank-accounts.asc` encrypted using the "
"public\n"
"    keys listed in the config "
"file`$KEYRING_FOLDER/config/recipients/accounting`.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:163
#, no-wrap
msgid ""
"    Each line in a recipients file has entries in the format\n"
"    'john@doe.com XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', where "
"*john@doe.com*\n"
"    is an alias for the GPG public key whose fingerprint is\n"
"    *XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.*\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:165
#, no-wrap
msgid ""
"    All lines starting with the hash (#) character are interpreted as "
"comments.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:167
#, no-wrap
msgid "    Parameters to the *recipients* action are:\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:170
#, no-wrap
msgid ""
"      *ls*\n"
"      :   List all existing recipients files.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:173
#, no-wrap
msgid ""
"      *edit*\n"
"      :   Create or edit a recipients file.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:176
#, no-wrap
msgid ""
"          Editing happens using the editor specified by the `$EDITOR`\n"
"          environment variable.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:179
#, no-wrap
msgid ""
"          The required parameter *recipients-file* is interpreted relative\n"
"          to the `$KEYRING_FOLDER/config/recipients/` folder.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:181
msgid "# FILES"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:184
msgid ""
"$HOME/.keyringer/config : User's main configuration file used to map alias "
"names to keyrings."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:187
msgid ""
"$HOME/.keyringer/*keyring* : User preferences for the keyringer aliased "
"*keyring* keyring."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:191
#, no-wrap
msgid ""
"$KEYRING_FOLDER/config/options\n"
":  Custom keyring options which will be applied for all users that use\n"
"   the keyringer repository.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:193
msgid "# LIMITATIONS"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:195
msgid "Keyringer currently has the following limitations:"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:201
#, no-wrap
msgid ""
"1. Metadata is not encrypted, meaning that an attacker with access to a "
"keyringer\n"
"  repository can discover all public key IDs used for encryption, and which "
"secrets\n"
"  are encrypted to which keys. This can be improved in the future by "
"encrypting\n"
"  the repository configuration with support for the *--hidden-recipient* "
"GnuPG\n"
"  option.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:206
#, no-wrap
msgid ""
"2. History is not rewritten by default when secrets are removed from a "
"keyringer\n"
"  repository. After a secret is removed with the *del* action, it will still "
"be\n"
"  available in the repository history even after a commit. This is by "
"design\n"
"  for the following reasons:\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:211
#, no-wrap
msgid ""
"  - It's the default behavior of the Git content tracker. Forcing the\n"
"     deletion by default could break the expected behavior and hence limit\n"
"     the repository's backup features, which can be helpful if someone\n"
"     mistakenly overwrites a secret.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:215
#, no-wrap
msgid ""
"  - History rewriting cannot be considered a security measure against the\n"
"     unauthorized access to a secret as it doesn't automatically update "
"all\n"
"     working copies of the repository.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:219
#, no-wrap
msgid ""
"     In the case that the secret is a passphrase, the recommended measure\n"
"     against such attacks is to change the passphrase, making useless the\n"
"     knowledge of the previous secret.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:222
#, no-wrap
msgid ""
"     Users wishing to edit their repository history should proceed "
"manually\n"
"     using the *git* action.\n"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:224
msgid "# SEE ALSO"
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:226
msgid "The *README* file distributed with Keyringer contains full documentation."
msgstr ""

#. type: Plain text
#: keyringer.1.mdwn:228
msgid ""
"The Keyringer source code and all documentation may be downloaded from "
"<https://keyringer.pw>."
msgstr ""