sq-toolbox-keyring - Man Page
Manage collections of keys or certs
Synopsis
sq toolbox keyring list [OPTIONS] FILE
sq toolbox keyring split [OPTIONS] FILE
sq toolbox keyring merge [OPTIONS] FILE
sq toolbox keyring filter [OPTIONS] FILE
Description
Manage collections of keys or certs.
Collections of keys or certificates (also known as "keyrings" when they contain secret key material, and "certrings" when they don't) are any number of concatenated certificates. This subcommand provides tools to list, split, merge, and filter keyrings.
Note: In the documentation of this subcommand, we sometimes use the terms keys and certs interchangeably.
Subcommands
sq toolbox keyring list
List keys in a keyring.
Prints the fingerprint as well as the primary userid for every certificate encountered in the keyring.
sq toolbox keyring split
Split a keyring into individual keys.
Splitting up a keyring into individual keys helps with curating a keyring.
The converse operation is `sq toolbox keyring merge`.
sq toolbox keyring merge
Merge keys or keyrings into a single keyring.
Multiple versions of the same certificate are merged together. Where data is replaced (e.g., secret key material), data from the later certificate is preferred.
sq toolbox keyring filter
Join keys into a keyring applying a filter.
This can be used to filter keys based on given predicates, e.g. whether they have a user id containing an email address with a certain domain. Additionally, the keys can be pruned to only include components matching the predicates.
If no filters are supplied, everything matches.
If multiple predicates are given, they are or'ed, i.e., a key matches if any of the predicates match. To require all predicates to match, chain multiple invocations of this command. See Examples for inspiration.
Examples
sq toolbox keyring list
List all certificates.
sq toolbox keyring list certs.pgp
List all certificates with a user ID on example.org.
sq toolbox keyring filter --domain=example.org certs.pgp \
| sq toolbox keyring listsq toolbox keyring split
Split all certificates.
sq toolbox keyring split certs.pgp
Split all certificates, merging them first to avoid duplicates.
sq toolbox keyring merge certs.pgp \
| sq toolbox keyring splitsq toolbox keyring merge
Merge certificate updates.
sq toolbox keyring merge bob.pgp bob-updates.pgp
sq toolbox keyring filter
Convert all keys to certificates (i.e. remove any secret key material).
sq toolbox keyring filter --to-cert certs.pgp
Get all certificates with a user ID on example.org.
sq toolbox keyring filter --domain=example.org certs.pgp
Get all certificates with a user ID on example.org or example.net.
sq toolbox keyring filter --domain=example.org \
--domain=example.net certs.pgpGet all certificates with a name user ID matching Romeo.
sq toolbox keyring filter --name=Romeo certs.pgp
Get all certificates with a name user ID matching Romeo on example.org.
sq toolbox keyring filter --domain=example.org certs.pgp \
| sq toolbox keyring filter --name=RomeoGet all certificates with a user ID on example.org, pruning other user IDs.
sq toolbox keyring filter --domain=example.org --prune-certs \
certs.pgpSee Also
sq(1), sq-toolbox(1), sq-toolbox-keyring-list(1), sq-toolbox-keyring-split(1), sq-toolbox-keyring-merge(1), sq-toolbox-keyring-filter(1).
For the full documentation see <https://book.sequoia-pgp.org>.
Version
0.39.0 (sequoia-openpgp 1.21.2)
Referenced By
sq-toolbox(1), sq-toolbox-keyring-filter(1), sq-toolbox-keyring-list(1), sq-toolbox-keyring-merge(1), sq-toolbox-keyring-split(1).