Man page - gfsec-split-gpg(1)

Packages contains this manual

Package: gfsecret
apt-get install gfsecret

Manuals in package:

Documentations in package:

gfsecret

Manual

GFSEC-SPLIT-GPG

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
NOTES
EXAMPLE INVOCATION
REPORTING BUGS
SEE ALSO
COPYRIGHT

NAME

gfsec-split-gpg - Split a GnuPG primary private key

SYNOPSIS

gfsec-split

DESCRIPTION

gfsec-split-gpg is a wrapper script around gfsec-split to facilitate splitting a GnuPG private primary key into a number of shares and dispatching the resulting shares onto external storage supports.

The split key can then be temporarily reconstructed gfsec-use (1).

OPTIONS

-h , --help

Display the help message.

-v , --version

Display the version message.

-u , --user-id uid

Split the primary key associated with the specified OpenPGP User ID. This option is only needed if the GnuPG private keyring contains more than one primary private key.

-k , --keep

By default, gfsec-split-gpg will remove the key from the GnuPG keyring once it has been successfully split. Use this option to prevent the key from being removed.

-c , --config file

Write the configuration file (allowing to reconstruct the secret with gfsec-use (1) ) to the specified file. Default is $XDG_CONFIG_HOME/gfsecret/masterkey.conf. If FILE is a single filename without extension and without a directory part, the file will be placed under the $XDG_CONFIG_HOME/gfsecret directory with a .conf extension.

-i , --interactive

Present the user with an interactive menu to specify the shares to create.

-n , --threshold N

Specify the minimal number of shares required to re-assemble the split file. Default is 2.

NOTES

This script will only work with GnuPG 2.1 or higher. It will abort before attempting anything if it cannot detect a binary for the correct GnuPG version.

EXAMPLE INVOCATION

gfsec-split-gpg alice \
file:///home/alice/.local/share/gfsecret/mykey \
label://USBSTICK/mykey \
mtp://RF2GB6X704P/Documents/mykey \

The above example will split Alice’s primary private key into three shares: one on the local filesystem, one on the USB mass storage device with the label USBSTICK , and one on the MTP-compliant device with the serial RF2GB6X704P . A configuration file will be written in $XDG_CONFIG_HOME/gfsecret/mysecret allowing to automatically reconstruct the file with gfsec-use (1) provided at least one of the two removable supports are present.

REPORTING BUGS

Report bugs to Damien Goutte-Gattat .

COPYRIGHT

This program is released under the GNU General Public License. See the COPYING file in the source distribution or http://www.gnu.org/licenses/gpl.html .