summaryrefslogtreecommitdiff
path: root/README
blob: c1768be2046608a8ea4167a120157746eac82b1f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
Keyringer
=========

Encrypting a key
----------------

  scripts/encrypt <file>

Decrypting a key (only to stdout)
---------------------------------

  scripts/decrypt <file>

Re-encrypting a key
-------------------

  scripts/recrypt <file>

Notes
-----

  1. The <file> is any file inside the keys/ folder.

  2. Never decrypt a key and write it to the disk, except
     if you're adding it to your personall keyring.

  3. Recipients are defined at file config/recipients.
     Please add just trustable recipients.

Using with GNU Privacy Guard
----------------------------

Exporting public keys:

  gpg --armor --export <keyid>

Exporting private keys (take care):

  gpg --armor --export-secret-keys

TODO
====

  - Enhanced documentation.
  - Better intregation with gpg.
  - Smarter scripts, support for "groups" of users in a way an user
    can encrypt a given key just to some users.
  - Interface with ssss where the scripts automatically splits passphrases
    into ssss tokens and encrypt those to different groups of users.
  - Security checks.
  - Hidden recipient support.
  - Git automation, including:
    - Automatic repository maintenance functions.
    - Hooks to inform users.
    - Removal of old history.