sq-network-keyserver-search - Man Page
Retrieve certificates from key servers
Synopsis
sq network keyserver search [Options] QUERY
Description
Retrieve certificates from key servers.
By default, any returned certificates are stored in the local certificate store. This can be overridden by using `--output` option.
When a certificate is retrieved from a verifying key server (currently, this is limited to a list of known servers: `hkps://keys.openpgp.org`, `hkps://keys.mailvelope.com`, and `hkps://mail-api.proton.me`), and imported into the local certificate store, the User IDs are also certificated with a local server-specific key. That proxy certificate is in turn certified as a minimally trusted CA (trust amount: 1 of 120) by the local trust root. How much a proxy key server CA is trusted can be tuned using `sq pki link add` or `sq pki link retract` in the usual way.
Options
Subcommand options
- --all
Fetch updates for all known certificates
- --output=FILE
Write to FILE (or stdout when omitted) instead of importing into the certificate store
- --server=URI
Set a key server to use (can be given multiple times)
The default can be changed in the configuration file using the setting `network.keyserver.servers`.
[default: hkps://keys.openpgp.org, hkps://mail-api.proton.me, hkps://keys.mailvelope.com, hkps://keyserver.ubuntu.com, hkps://sks.pod01.fleetstreetops.com]
- QUERY
Retrieve certificate(s) using QUERY
This may be a fingerprint, a KeyID, or an email address.
Global options
See sq(1) for a description of the global options.
Examples
Retrieve Alice's certificate from the default keyservers.
sq network keyserver search alice@example.org
Retrieve Alice's certificate addressed by fingerprint from the default keyservers.
sq network keyserver search \
EB28F26E2739A4870ECC47726F0073F60FD0CBF0Retrieve Alice's certificate from a non-default keyserver.
sq network keyserver search --server=hkps://keys.example.org \
alice@example.orgRetrieve updates for all known certificates from the default keyservers.
sq network keyserver search --all
See Also
sq(1), sq-network(1), sq-network-keyserver(1).
For the full documentation see <https://book.sequoia-pgp.org>.
Version
1.0.0 (sequoia-openpgp 1.22.0)