NAME¶
keyczart - asymmetric key management tool
SYNOPSIS¶
keyczart <command> <flags>
DESCRIPTION¶
This manual page documents briefly the
keyczart command, a tool which can
be used to create and manage asymmetric keys. Currently, the supported key
types are RSA and DSA.
GENERAL OPTIONS¶
keyczart supports the following commands and options:
create --location=
KEYPATH --purpose=
PURPOSE [ --name=
NAME --asymmetric=
TYPE ]
- Creates a new, empty key set in the given location and the given purpose,
which must be one of either "crypt" or "sign". The key
set may optionally be given a name, and the key type can be chosen as
well, in which case must be one of either "rsa" or
"dsa". The "dsa" asymmetric value is valid only for
sets with "sign" purpose.
addkeys --location=
KEYPATH [ --status=
STATUS --size=
SIZE --crypter=
LOCATION ]
- Adds a new key to an existing key set. One can optionally specify a
status, which can be one of either of "active" or
"primary", with "active" being the default. The key
size in bits can also be specified, as can the location of a set of
crypting keys which will be used to encrypt this key set.
pubkey --location=
KEYPATH --destination=
DEST
- Extracts public keys from a given key set and writes them to the
destination. The pubkey command Only works for key sets that were
created with the --asymmetric flag.
promote --location=
KEYPATH --version=
NUMBER
- Promotes the status of the given key version in the given location. Active
keys are promoted to primary (which demotes any existing primary key to
active). Keys scheduled for revocation are promoted to be active.
demote --location=
KEYPATH --version=
NUMBER
- Demotes the status of the given key version in the given location. Primary
keys are demoted to active. Active keys are scheduled for revocation.
revoke --location=
KEYPATH --version=
NUMBER
- Revokes the key of the given version number. This key must have been
scheduled for revocation by the promote command. WARNING: The key
will be destroyed.
AUTHOR¶
keyczart was written by members of the Google Security Team.
This manual page was written by Christian Kastner <debian@kvr.at> for the
Debian project (and may be used by others).