PIUS(1) General Commands Manual PIUS(1)

pius - PGP Individual UID Signer

pius [options] -s <signer-keyid> <keyid> [ <keyid> ... ]
pius [options] -A -r <keyring-path> -s <signer-keyid>

pius is a tool for individually signing all of the UIDs on a set of keys, and emailing an encrypted copy of each such signature to the email address associated with that UID.

As a result of this process, the recipient can choose which signatures to import. Also, signatures of inactive uids are not delivered. This tool greatly reduces time and error when signing keys.

--version
show program's version number and exit
-h, --help
show this help message and exit
-A, --all-keys
Sign all keys on the keyring. Requires -r.
-d, --debug
Enable debugging output.
-b PATH, --gpg-path=PATH
Path to gpg binary. [default: /usr/bin/gpg2]
-e, --encrypt-outfiles
Encrypt output files with respective keys.
-H HOSTNAME, --mail-host=HOSTNAME
Hostname of SMTP server. [default: localhost]
-I, --import
Also import the unsigned keys from the keyring into the default keyring. Ignored if -r is not specified, or if it's the same as the default keyring.
-m FROM-EMAIL, --mail=FROM-EMAIL
Email the encrypted, signed keys to the respective email addresses using FROM-EMAIL as the sender. See also -H and -P.
-M FILE, --mail-text=FILE
Use the text in FILE as the body of email when sending out emails instead of the default text. To see the default text use --print-default-email. Requires -m.
-N, --no-sort-keyring
Do not sort the keyring by name.
-n TO-EMAIL, --override-email=TO-EMAIL
Rather than send to the user, send to this address. Mostly useful for debugging.
-o OUTPUT-DIR, --out-dir=OUTPUT-DIR
Directory to put signed keys in. [default: /tmp/pius_out]
-O, --no-pgp-mime
Do not use PGP/Mime when sending email.
-P PORT, --mail-port=PORT
Port of SMTP server. [default: 587]
-r KEYRING, --keyring=KEYRING
The keyring to use. Be sure to specify full or relative path. Just a filename will cause GPG to assume relative to ~/.gnupg. [default: ~/.gnupg/pubring.gpg]
-s SIGNER-KEYID, --signer=SIGNER-KEYID
The keyid to sign with (required).
-f KEYID, --force-signer=KEYID
Force GnuPG to use this exact keyid to sign (do not guess subkey)
-S, --no-mail-tls
Do not use STARTTLS when talking to the SMTP server.
-t TEMP-DIR, --tmp-dir=TEMP-DIR
Directory to put temporary stuff in. [default: /tmp/pius_tmp]
-T, --print-default-email
Print the default email.
-u USER, --mail-user=USER
Authenticate to the SMTP server with username USER. You will be prompted for the password.
-U POLICY-URL, --policy-url=POLICY-URL
Policy URL to include in each signature.
-v, --verbose
Be more verbose.

PIUS was written by Phil Dibowitz <phil@ipom.com>

This manual page was written by Luke Cycon <lcycon@gmail.com> and Felix Lechner <felix.lechner@gmail.com> for the Debian project, but may be used by others.

DECEMBER 2016