NAME¶

pius - PGP Individual UID Signer

SYNOPSIS¶

pius [options] -s <signer-keyid> <keyid> [ <keyid> ... ]
pius [options] -A -r <keyring-path> -s <signer-keyid>

DESCRIPTION¶

pius is a tool for individually signing all of the UIDs on a set of keys, and emailing an encrypted copy of each such signature to the email address associated with that UID.

As a result of this process, the recipient can choose which signatures to import. Also, signatures of inactive uids are not delivered. This tool greatly reduces time and error when signing keys.

OPTIONS¶

--version: show program's version number and exit
-h, --help: show this help message and exit
-a, --use-agent: Use gpg-agent instead of letting gpg prompt the user or every UID. [default: true]
-A, --all-keys: Sign all keys on the keyring. Requires -r.
-d, --debug: Enable debugging output.
-b PATH, --gpg-path=PATH: Path to gpg binary. [default: /usr/bin/gpg2]
-e, --encrypt-outfiles: Encrypt output files with respective keys.
-H HOSTNAME, --mail-host=HOSTNAME: Hostname of SMTP server. [default: localhost]
-i, --interactive: Use the pexpect module for signing and drop to the gpg shell for entering the passphrase. [default: false]
-I, --import: Also import the unsigned keys from the keyring into the default keyring. Ignored if -r is not specified, or if it's the same as the default keyring.
-m FROM-EMAIL, --mail=FROM-EMAIL: Email the encrypted, signed keys to the respective email addresses using FROM-EMAIL as the sender. See also -H and -P.
-M FILE, --mail-text=FILE: Use the text in FILE as the body of email when sending out emails instead of the default text. To see the default text use --print-default-email. Requires -m.
-N, --no-sort-keyring: Do not sort the keyring by name.
-n TO-EMAIL, --override-email=TO-EMAIL: Rather than send to the user, send to this address. Mostly useful for debugging.
-o OUTPUT-DIR, --out-dir=OUTPUT-DIR: Directory to put signed keys in. [default: /tmp/pius_out]
-O, --no-pgp-mime: Do not use PGP/Mime when sending email.
-p, --cache-passphrase: Cache private key passphrase in memory and provide it to gpg instead of letting gpg prompt the user for every UID. [default: false]
-P PORT, --mail-port=PORT: Port of SMTP server. [default: 25]
-r KEYRING, --keyring=KEYRING: The keyring to use. Be sure to specify full or relative path. Just a filename will cause GPG to assume relative to ~/.gnupg. [default: ~/.gnupg/pubring.gpg]
-s SIGNER-KEYID, --signer=SIGNER-KEYID: The keyid to sign with (required).
-f KEYID, --force-signer=KEYID: Force GnuPG to use this exact keyid to sign (do not guess subkey)
-S, --no-mail-tls: Do not use STARTTLS when talking to the SMTP server.
-t TEMP-DIR, --tmp-dir=TEMP-DIR: Directory to put temporary stuff in. [default: /tmp/pius_tmp]
-T, --print-default-email: Print the default email.
-u USER, --mail-user=USER: Authenticate to the SMTP server with username USER. You will be prompted for the password.
-U POLICY-URL, --policy-url=POLICY-URL: Policy URL to include in each signature.
-v, --verbose: Be more verbose.

AUTHOR¶

PIUS was written by Phil Dibowitz <phil@ipom.com>

This manual page was written by Luke Cycon <lcycon@gmail.com> and Felix Lechner <felix.lechner@gmail.com> for the Debian project, but may be used by others.

DECEMBER 2016

Source file:	pius.1.en.gz (from pius 2.2.3-1)
Source last updated:	2017-01-17T06:33:30Z
Converted to HTML:	2019-06-03T08:09:05Z