2022-07-13 23:49:12 +02:00
|
|
|
|
# GPGTool
|
|
|
|
|
|
|
2022-07-19 11:49:36 +02:00
|
|
|
|
Zsh script to manage GPG keys without storing the master key.
|
|
|
|
|
|
|
|
|
|
|
|
GPG lets you have sub keys for encryption and for signing without having access
|
|
|
|
|
|
to the secret part of the master key. That way you can use your GPG key without
|
|
|
|
|
|
fear of having your secure identity compromised should you ever “lose” your
|
|
|
|
|
|
keys.
|
|
|
|
|
|
|
|
|
|
|
|
An attacker will be able to use the currently valid sub keys until you revoke
|
|
|
|
|
|
them. They will _never_ be able to create new sub keys for your master key.
|
|
|
|
|
|
|
|
|
|
|
|
So in case of compromise of your GPG key(s), whip out your securely stored
|
|
|
|
|
|
master key, invalidate your current sub keys, make sure to propagate that e.g.
|
|
|
|
|
|
via key server and generate new sub keys.
|
|
|
|
|
|
|
|
|
|
|
|
## Installation
|
|
|
|
|
|
|
|
|
|
|
|
Download / clone this repo and put it somewhere. Either run `gpgtools` from
|
|
|
|
|
|
there directly or put it in your `PATH`.
|
|
|
|
|
|
|
|
|
|
|
|
If you want to package this for your flavour for \*nix, go ahead. It’s GPL.
|
|
|
|
|
|
|
|
|
|
|
|
## Usage
|
|
|
|
|
|
|
2022-07-13 23:49:12 +02:00
|
|
|
|
FIXXME
|
|
|
|
|
|
|
2022-07-19 11:49:36 +02:00
|
|
|
|
## (Optional) Configuration File
|
|
|
|
|
|
|
|
|
|
|
|
FIXXME
|
|
|
|
|
|
|
|
|
|
|
|
See [`gpgtool.example.conf`](gpgtool.example.conf).
|
|
|
|
|
|
|
|
|
|
|
|
## F.A.Q.
|
|
|
|
|
|
|
|
|
|
|
|
**Q:** I want this as a bash script!
|
|
|
|
|
|
|
|
|
|
|
|
**A:** That’s not a question.
|
|
|
|
|
|
|
|
|
|
|
|
**Q:** Can I have this as a bash script?
|
|
|
|
|
|
|
|
|
|
|
|
**A:** No.
|
|
|
|
|
|
|
2022-07-13 23:49:12 +02:00
|
|
|
|
[](https://github.com/sponsors/alterNERDtive)
|
|
|
|
|
|
[](https://ko-fi.com/S6S1DLYBS)
|
