sq-toolbox-keyring-filter - Man Page

Join keys into a keyring applying a filter

Synopsis

sq toolbox keyring filter [Options] FILE

Description

Join keys into a keyring applying a filter.

This can be used to filter keys based on given predicates, e.g. whether they have a user id containing an email address with a certain domain.  Additionally, the keys can be pruned to only include components matching the predicates.

If no filters are supplied, everything matches.

If multiple predicates are given, they are or'ed, i.e., a key matches if any of the predicates match.  To require all predicates to match, chain multiple invocations of this command.  See Examples for inspiration.

Options

Subcommand options

--binary

Emit binary data

--cert=FINGERPRINT|KEYID

Match on primary keys, including those certificates that match the given fingerprint or key ID.

--domain=FQDN

Parse user ids into name and email address and case-sensitively matches on the domain of the email address, requiring an exact match.

--email=ADDRESS

Parse user ids into name and email address and case-sensitively matches on the email address, requiring an exact match.

--key=FINGERPRINT|KEYID

Match on both primary keys and subkeys, including those certificates that match the given fingerprint or key ID.

--name=NAME

Parse user ids into name and email and case-sensitively matches on the name, requiring an exact match.

--output=FILE

Write to FILE or stdout if omitted

[default: -]

--prune-certs

Remove certificate components not matching the filter

--to-cert

Convert any keys in the input to certificates.  Converting a key to a certificate removes secret key material from the key thereby turning it into a certificate.

--userid=USERID

Case-sensitively matches on the user id, requiring an exact match.

FILE

Read from FILE or stdin if omitted

Global options

See sq(1) for a description of the global options.

Examples

Convert all keys to certificates (i.e. remove any secret key material).

    sq toolbox keyring filter --to-cert certs.pgp

Get all certificates with a user ID on example.org.

    sq toolbox keyring filter --domain=example.org certs.pgp

Get all certificates with a user ID on example.org or example.net.

    sq toolbox keyring filter --domain=example.org \
    --domain=example.net certs.pgp

Get all certificates with a name user ID matching Romeo.

    sq toolbox keyring filter --name=Romeo certs.pgp

Get all certificates with a name user ID matching Romeo on example.org.

    sq toolbox keyring filter --domain=example.org certs.pgp \
    | sq toolbox keyring filter --name=Romeo

Get all certificates with a user ID on example.org, pruning other user IDs.

    sq toolbox keyring filter --domain=example.org --prune-certs \
    certs.pgp

See Also

sq(1), sq-toolbox(1), sq-toolbox-keyring(1).

For the full documentation see <https://book.sequoia-pgp.org>.

Version

0.39.0 (sequoia-openpgp 1.21.2)

Referenced By

sq-toolbox-keyring(1).

0.39.0 Sequoia PGP