sshd-openpgp-auth-revoke(1) General Commands Manual NAME sshd-openpgp-auth-revoke - Revoke subkeys of an OpenPGP certificate SYNOPSIS sshd-openpgp-auth revoke [-a|--all] [-f|--fingerprint] [-m|--message] [-o|--openpgp-dir] [-r|--reason] [-s|--stdout] [-S|--subkey-fingerprint] [-t|--time] [-h|--help] DESCRIPTION Revoke subkeys of an OpenPGP certificate By default this command revokes the subkeys of an OpenPGP certificate in /var/lib/sshd-openpgp-auth/. If more than one OpenPGP certificate is found in the target directory, an OpenPGP fingerprint must be specified. OPTIONS -a, --all Revoke all subkeys of the chosen OpenPGP certificate -f, --fingerprint=FINGERPRINT An OpenPGP fingerprint to identify a specific certificate May also be specified with the SOA_FINGERPRINT environment variable. -m, --message=MESSAGE An optional message for the revocation May also be specified with the SOA_REVOCATION_MESSAGE environment variable. -o, --openpgp-dir=DIR A custom directory in which to look for OpenPGP certificates (defaults to "/var/lib/sshd-openpgp-auth/") May also be specified with the SOA_OPENPGP_DIR environment variable. -r, --reason=REASON A custom revocation reason (defaults to "superseded"). One of "compromised" (Hard), "retired" (Soft), "superseded" (Soft). May also be specified with the SOA_REVOCATION_REASON environment variable. -s, --stdout Output the OpenPGP certificate to stdout instead of a file -S, --subkey-fingerprint=SUBKEY_FINGERPRINT An OpenPGP fingerprint to identify a specific subkey. This option can be provided more than once May also be specified with the SOA_SUBKEY_FINGERPRINT environment variable. -t, --time=TIME A custom reference time formatted as an RFC3339 string (defaults to now) May also be specified with the SOA_TIME environment variable. -h, --help Print help (see a summary with '-h') sshd-openpgp-auth-revoke sshd-openpgp-auth-revoke(1)