|TARSNAP-KEYMGMT(1)||General Commands Manual||TARSNAP-KEYMGMT(1)|
tarsnap-keymgmtreads the provided key files and writes a new key file (specified by
--outkeyfilenew-key-file) containing only the keys required for the operations specified via the
-r(list and extract archives),
-d(delete archives), and
--nukeflags. Note that
-rsince it is impossible to delete an individual archive without being able to read it; while a key file generated with
--nukecan be used to delete all the archives stored, but not individual archives.
The following list shows which permissions are required for various tarsnap(1) command modes.
- requires either (1)
-d(archive deleting), (2)
-w(archive creating), or (3)
- requires either (1) both
-w(archive writing) and
-r(archive reading) keys, or (2)
-d(archive deleting) keys.
-d(archive deleting) keys, since it needs to be able to delete corrupted archives.
--passphrased option is specified,
the user will be prompted to enter a passphrase (twice) to be used to
encrypt the key file.
maxmem option is specified, a maximum of
maxmem bytes of RAM will be used in the scrypt key
derivation function to encrypt the key file; it may be necessary to set this
option if a key file is being created on a system with far more RAM than the
system on which the key file will be used.
maxtime option is specified, a maximum of
approximately maxtime seconds will be used in the
scrypt key derivation function to encrypt the key file.
Note that if none of the
--nuke options are specified, a key file will be
produced which does not contain any keys. This is probably not very
key-file option displays the 64-bit integer
corresponding to the key's machine number. This may be useful for scripts or
GUIs which manage a user's Tarsnap account, but is not likely to be helpful
for command-line use.
key-file option displays the permissions which the key
--version option prints the version
tarsnap-keymgmt, then exits.
|July 28, 2017||Linux 5.10.9-arch1-1|