gpgtool/README.md

# GPGTool

Zsh script to manage GPG keys without storing the master key in your main GnuPG 
keyring.

**This is currently in a *TESTING* state. Do not use for production unless you 
can manually verify each step doesn’t accidentally leak into your main GnuPG 
keyring.**

GPG lets you have sub keys for encryption and for signing without having access 
to the secret part of the master key. That way you can use your GPG key without 
fear of having your secure identity compromised should you ever “lose” your 
keys.

An attacker will be able to use the currently valid sub keys until you revoke 
them. They will _never_ be able to create new sub keys for your master key.

So in case of compromise of your GPG key(s)

1. whip out your securely stored master key,
2. revoke your current sub keys,
3. make sure to propagate that e.g. via key server and
4. generate new sub keys.

## How It Works

FIXXME

## Installation

Download / clone this repo and put it somewhere. Either run `gpgtools` from 
there directly or put it in your `PATH`.

If you want to package this for your flavour for \*nix, go ahead. It’s GPL.

## Usage

### Open the Key Safe

FIXXME

### Work with Your Keys

FIXXME

### Close the Key Safe

FIXXME

## (Optional) Configuration File

FIXXME

See [`gpgtool.example.conf`](gpgtool.example.conf).

## F.A.Q.

**Q:** I want this as a bash script!

**A:** That’s not a question.

**Q:** Can I have this as a bash script?

**A:** No.

[![GitHub Sponsors](https://img.shields.io/github/sponsors/alterNERDtive?style=for-the-badge)](https://github.com/sponsors/alterNERDtive)
[![ko-fi](https://ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/S6S1DLYBS)
-												initial commit

											
										
										
											2022-07-13 23:49:12 +02:00
+								# GPGTool
-												README: rewording

											
										
										
											2022-07-19 14:42:50 +02:00
+								Zsh script to manage GPG keys without storing the master key in your main GnuPG
-												typos ’n’ shit

											
										
										
											2022-07-23 18:36:58 +02:00
+								keyring.
-												the beginnings of a README

											
										
										
											2022-07-19 11:49:36 +02:00
-												README: added huge TESTING disclaimer

											
										
										
											2022-07-19 13:58:04 +02:00
+								**This is currently in a *TESTING* state. Do not use for production unless you
 								can manually verify each step doesn’t accidentally leak into your main GnuPG
-												README: wording

											
										
										
											2022-07-19 14:32:23 +02:00
+								keyring.**
-												README: added huge TESTING disclaimer

											
										
										
											2022-07-19 13:58:04 +02:00
-												the beginnings of a README

											
										
										
											2022-07-19 11:49:36 +02:00
+								GPG lets you have sub keys for encryption and for signing without having access
 								to the secret part of the master key. That way you can use your GPG key without
 								fear of having your secure identity compromised should you ever “lose” your
 								keys.
 								An attacker will be able to use the currently valid sub keys until you revoke
 								them. They will _never_ be able to create new sub keys for your master key.
-												README: rewording

											
										
										
											2022-07-19 14:42:50 +02:00
+								So in case of compromise of your GPG key(s)
 . whip out your securely stored master key,
 . revoke your current sub keys,
 . make sure to propagate that e.g. via key server and
 . generate new sub keys.
-												the beginnings of a README

											
										
										
											2022-07-19 11:49:36 +02:00
-												typos ’n’ shit

											
										
										
											2022-07-23 18:36:58 +02:00
+								## How It Works
 								FIXXME
-												the beginnings of a README

											
										
										
											2022-07-19 11:49:36 +02:00
+								## Installation
 								Download / clone this repo and put it somewhere. Either run `gpgtools` from
 								there directly or put it in your `PATH`.
 								If you want to package this for your flavour for \*nix, go ahead. It’s GPL.
 								## Usage
-												typos ’n’ shit

											
										
										
											2022-07-23 18:36:58 +02:00
+								### Open the Key Safe
 								FIXXME
 								### Work with Your Keys
 								FIXXME
 								### Close the Key Safe
-												initial commit

											
										
										
											2022-07-13 23:49:12 +02:00
+								FIXXME
-												the beginnings of a README

											
										
										
											2022-07-19 11:49:36 +02:00
+								## (Optional) Configuration File
 								FIXXME
 								See [`gpgtool.example.conf`](gpgtool.example.conf).
 								## F.A.Q.
 								**Q:** I want this as a bash script!
 								**A:** That’s not a question.
 								**Q:** Can I have this as a bash script?
 								**A:** No.
-												initial commit

											
										
										
											2022-07-13 23:49:12 +02:00
+								[![GitHub Sponsors](https://img.shields.io/github/sponsors/alterNERDtive?style=for-the-badge)](https://github.com/sponsors/alterNERDtive)
 								[![ko-fi](https://ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/S6S1DLYBS)