tsafe.1 - safe-go - Unnamed repository; edit this file 'description' to name the repository.
HTML git clone git://git.z3bra.org/safe-go.git
DIR Log
DIR Files
DIR Refs
---
tsafe.1 (2521B)
---
1 .Dd 2019-02-20
2 .Dt SAFE 1
3 .Os POSIX.1-2017
4 .Sh NAME
5 .Nm safe
6 .Nd digital safe for your secrets
7 .Sh SYNOPSIS
8 .Nm
9 .Op Fl bhr
10 .Op Fl p Ar prompt
11 .Op Fl s Ar safe
12 .Op Oo Fl af Oc Ar secret
13 .Sh DESCRIPTION
14 .Nm
15 stores secrets (files) encrypted on your disk, and lets you retrieve them,
16 given that you have the right password.
17 .El
18 .Bl -tag -width Ds
19 .It Ar secret
20 Decrypt file
21 .Ar secret
22 from your safe to stdout.
23 .It Fl a Ar secret
24 Encrypt stdin to your safe as
25 .Ar secret .
26 Use
27 .Fl f
28 to overwrite an existing secret.
29 .It Fl b
30 Batch mode. Reads master password from stdin.
31 .It Fl f
32 Force writing to
33 .Ar secret
34 if it exists.
35 Implies
36 .Fl a .
37 .It Fl h
38 Print a quick usage text.
39 .It Fl k
40 Prompt user for password using an external program (see: SAFE_ASKPASS).
41 .It Fl p Ar prompt
42 Prompt user for password using text
43 .Ar prompt .
44 (default: "password:")
45 .It Fl r
46 Remember the password. The variable
47 .Ev SAFE_SOCK
48 must be set and point to the UNIX-domain socket bound by a running agent
49 (see AGENT).
50 .It Fl s Ar safe
51 Set the path to your safe as
52 .Ar safe .
53 (default: .secrets)
54 .Sh AGENT
55 When the agent is started,
56 .Nm
57 can retrieve the key from it rather than prompting you for a password.
58 .Nm
59 will try to read the key from the agent whenever the
60 .Ev SAFE_SOCK
61 variable is set in the environment.
62 .Pp
63 When the agent is first started, you can push the key to it using the
64 .Fl p
65 flag.
66 .Sh MASTER PASSWORD
67 When you add your first secret to the safe, a
68 .Ar master
69 entry will be created automatically. This entry stores your master
70 password, and is used to check that you typed the master password
71 correctly on the next calls.
72 .Pp
73 Do not delete this entry as it could lead to a corrupted safe.
74 .Sh EXAMPLES
75 Store a secret in your safe
76 .Bd -literal
77 $ safe -a secret/file < kitten.gif
78 .Ed
79 .Pp
80 List all secrets in $SAFE_DIR (choose your weapon)
81 .Bd -literal
82 $ tree --noreport $SAFE_DIR
83 $ find $SAFE_DIR -type f
84 $ ls -R $SAFE_DIR
85 $ tar -C $SAFE_DIR -v -f /dev/null -c . | cut -d / -f 2-
86 .Ed
87 .Pp
88 Retrieve a secret from your safe
89 .Bd -literal
90 $ safe secret/file > kitten.gif
91 password:
92 .Ed
93 .Sh ENVIRONMENT
94 .Bl -tag -width "SAFE_SOCK"
95 .It Ev SAFE_DIR
96 Defines the location of your safe (default: .secrets)
97 .It Ev SAFE_SOCK
98 Path to the UNIX-domain socket used to communicate with the agent.
99 .It Ev SAFE_ASKPASS
100 If no TTY is available, the program specified by this variable will be
101 used to read the master password (default: ssh-askpass)
102 .Sh SEE ALSO
103 .Xr safe-agent 1 ,
104 .Xr safe-store 5
105 .Sh AUTHORS
106 .An Willy Goiffon Aq Mt dev@z3bra.org