aboutsummaryrefslogtreecommitdiff
path: root/share/man/keyringer.1.mdwn
blob: 99abd60f7abd607ad6f9d9be6218482f2924c4cf (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
% KEYRINGER(1) Keyringer User Manual
% Silvio Rhatto
% August 17, 2013

# NAME

keyringer - encrypted and distributed secret sharing software

# SYNOPSIS

keyringer <*keyring*> <*action*> [*options*]...

# DESCRIPTION

Keyringer lets you manage and share secrets using GPG and git with custom
commands to encrypt, decrypt, recrypt, create key pairs, etc.

# ACTIONS

Keyringer has three types of actions:

1. Configuration actions.
2. Secret manipulation actions.
3. Repository lookup and manipulation actions.

## CONFIGURATION ACTIONS

commands
:  List available actions, useful for shell completion and syntax check.

options <*ls*|*edit*|*add*>
:  List, edit or add miscelaneous *repository options*.

preferences <*ls*|*edit*|*add*>
:  List, edit or add *user options* for a given repository.

recipients <*ls*|*edit*> <*recipient-file*>
:  List or edit recipient configuration.

usage
:  Show usage information.

## SECRET MANIPULATION ACTIONS

All secret manipulation actions operates upon a *SECRET*, which is the pathname
of an encrypted file relative to keyring with optional `.asc` extension.

Secret manipulation actions do not commit changes into the secret repository.
After any manipulation, the user has to manually commit the changes.

append <*SECRET*>
:  Append contents into a secret.

append-batch <*SECRET*>
:  Append contents into a secret, batch mode.

decrypt <*SECRET*>
:  Decrypts a secret into standard output.

del <*SECRET*>
:  Removes a secret using git. After deleting a secret a git commit and push is still
   needed to update remote repositories. To completely remove a file from a keyring,
   you should also rewrite the git history by yourself.

edit <*SECRET*>
:  Edits a secret by temporarily decrypting it, opening the decrypted copy into *$EDITOR*
   and then recrypting it again.

encrypt <*SECRET*>
:  Encrypts content from standard input into *SECRET*.

encrypt-batch <*SECRET*>
:  Encrypt content, batch mode.

genpair <*ssh*|*gpg*|*ssl*|*ssl-self*> [*options*]
:  Wrapper to generete encryption keypairs, useful for automated key deployment.

recrypt <*SECRET*>
:  Recrypts a secret by decrypting it and recrypting again. Useful when users are added
   into recipient configuration. If no *SECRET* is given, all secrets in the repository
   are re-encrypted.

# REPOSITORY LOOKUP AND MANIPULATION ACTIONS

git <*action*> <*options*>
:  Git wrapper that operates from the toplevel keyring repository. 

ls <*PATH*>
:  List contents from the toplevel repository *keys* folder or from relative *PATH*.

# SEE ALSO

The *README* file distributed with Keyringer contains full documentation.

The Keyringer source code and all documentation may be downloaded from
<https://keyringer.pw>.