From 9495212a2ca3b640d4041dbe90502c76a5929aaf Mon Sep 17 00:00:00 2001
From: alterNERDtive
Date: Tue, 19 Jul 2022 11:49:36 +0200
Subject: [PATCH] the beginnings of a README

---
 README.md | 39 +++++++++++++++++++++++++++++++++++++++
 gpgtool.example.conf | 9 +++++++++
 2 files changed, 48 insertions(+)
 create mode 100644 gpgtool.example.conf

diff --git a/README.md b/README.md
index 1dce817..f8edbfc 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,45 @@
 # GPGTool
 
+Zsh script to manage GPG keys without storing the master key.
+
+GPG lets you have sub keys for encryption and for signing without having access
+to the secret part of the master key. That way you can use your GPG key without
+fear of having your secure identity compromised should you ever “lose” your
+keys.
+
+An attacker will be able to use the currently valid sub keys until you revoke
+them. They will _never_ be able to create new sub keys for your master key.
+
+So in case of compromise of your GPG key(s), whip out your securely stored
+master key, invalidate your current sub keys, make sure to propagate that e.g.
+via key server and generate new sub keys.
+
+## Installation
+
+Download / clone this repo and put it somewhere. Either run `gpgtools` from
+there directly or put it in your `PATH`.
+
+If you want to package this for your flavour for \*nix, go ahead. It’s GPL.
+
+## Usage
+
 FIXXME
 
+## (Optional) Configuration File
+
+FIXXME
+
+See [`gpgtool.example.conf`](gpgtool.example.conf).
+
+## F.A.Q.
+
+**Q:** I want this as a bash script!
+
+**A:** That’s not a question.
+
+**Q:** Can I have this as a bash script?
+
+**A:** No.
+
 [![GitHub Sponsors](https://img.shields.io/github/sponsors/alterNERDtive?style=for-the-badge)](https://github.com/sponsors/alterNERDtive)
 [![ko-fi](https://ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/S6S1DLYBS)
diff --git a/gpgtool.example.conf b/gpgtool.example.conf
new file mode 100644
index 0000000..d569ee9
--- /dev/null
+++ b/gpgtool.example.conf
@@ -0,0 +1,9 @@
+# One of GPGTOOLDIR or GPGTOOLDEV is required. If GPGTOOLDEV is given GPGTOOLDIR
+# will be treated as relative to the mount point of GPGTOOLDEV.
+
+# Path to the key directory.
+# Can be set with `-p` `--directory`.
+GPGTOOLKEYPATH=/path/to/key/directory/
+# Path to the device that holds the key directory, e.g. a USB flash drive.
+# Can be set with `-d` `--device`
+GPGTOOLKEYDEV=/path/to/device
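Review bot: The header comment names `GPGTOOLDIR` and `GPGTOOLDEV`, but the two settings the example actually defines are `GPGTOOLKEYPATH` and `GPGTOOLKEYDEV`, so a user who follows the comment may set variables that are never read. Which pair the script consumes is not visible in this patch; assuming the assignments are the correct names, the comment should read `# One of GPGTOOLKEYPATH or GPGTOOLKEYDEV is required. If GPGTOOLKEYDEV is given GPGTOOLKEYPATH` and `# will be treated as relative to the mount point of GPGTOOLKEYDEV.` Because this file decides where the master key material is looked up, and is presumably sourced by the Zsh script, it is also worth a one-line comment that the real config should be writable only by its owner.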