Site Navigation

FreeBSD Manual Pages

   man apropos
 
   All Sections 1 - General Commands 2 - System Calls 3 - Subroutines 4 - Special Files 5 - File Formats 6 - Games 7 - Macros and Conventions 8 - Maintenance Commands 9 - Kernel Interface n - New Commands FreeBSD 16.0-CURRENT FreeBSD 15.0-RELEASE FreeBSD 15.0-RELEASE and Ports FreeBSD 15.0-RELEASE and Ports.quarterly FreeBSD 15.0-STABLE FreeBSD 14.4-RELEASE and Ports FreeBSD 14.4-STABLE FreeBSD 14.3-RELEASE FreeBSD 14.3-RELEASE and Ports FreeBSD 14.2-RELEASE FreeBSD 14.2-RELEASE and Ports FreeBSD 14.1-RELEASE FreeBSD 14.1-RELEASE and Ports FreeBSD 14.0-RELEASE FreeBSD 14.0-RELEASE and Ports FreeBSD 13.5-RELEASE FreeBSD 13.5-RELEASE and Ports FreeBSD 13.5-STABLE FreeBSD 13.4-RELEASE FreeBSD 13.4-RELEASE and Ports FreeBSD 13.3-RELEASE FreeBSD 13.3-RELEASE and Ports FreeBSD 13.2-RELEASE FreeBSD 13.2-RELEASE and Ports FreeBSD 13.1-RELEASE FreeBSD 13.1-RELEASE and Ports FreeBSD 13.0-RELEASE FreeBSD 13.0-RELEASE and Ports FreeBSD 12.4-RELEASE FreeBSD 12.4-RELEASE and Ports FreeBSD 12.3-RELEASE FreeBSD 12.3-RELEASE and Ports FreeBSD 12.2-RELEASE FreeBSD 12.2-RELEASE and Ports FreeBSD 12.1-RELEASE FreeBSD 12.1-RELEASE and Ports FreeBSD 12.0-RELEASE FreeBSD 12.0-RELEASE and Ports FreeBSD 11.4-RELEASE FreeBSD 11.4-RELEASE and Ports FreeBSD 11.3-RELEASE FreeBSD 11.3-RELEASE and Ports FreeBSD 11.2-RELEASE FreeBSD 11.2-RELEASE and Ports FreeBSD 11.1-RELEASE FreeBSD 11.1-RELEASE and Ports FreeBSD 11.0-RELEASE FreeBSD 11.0-RELEASE and Ports FreeBSD 10.4-RELEASE FreeBSD 10.4-RELEASE and Ports FreeBSD 10.3-RELEASE FreeBSD 10.3-RELEASE and Ports FreeBSD 10.2-RELEASE FreeBSD 10.2-RELEASE and Ports FreeBSD 10.1-RELEASE FreeBSD 10.1-RELEASE and Ports FreeBSD 10.0-RELEASE FreeBSD 10.0-RELEASE and Ports FreeBSD 9.3-RELEASE FreeBSD 9.3-RELEASE and Ports FreeBSD 9.2-RELEASE FreeBSD 9.2-RELEASE and Ports FreeBSD 9.1-RELEASE FreeBSD 9.1-RELEASE and Ports FreeBSD 9.0-RELEASE FreeBSD 9.0-RELEASE and Ports FreeBSD 8.4-RELEASE FreeBSD 8.4-RELEASE and Ports FreeBSD 8.3-RELEASE FreeBSD 8.3-RELEASE and Ports FreeBSD 8.2-RELEASE FreeBSD 8.2-RELEASE and Ports FreeBSD 8.1-RELEASE FreeBSD 8.1-RELEASE and Ports FreeBSD 8.0-RELEASE FreeBSD 8.0-RELEASE and Ports FreeBSD 7.4-RELEASE FreeBSD 7.4-RELEASE and Ports FreeBSD 7.3-RELEASE FreeBSD 7.3-RELEASE and Ports FreeBSD 7.2-RELEASE FreeBSD 7.2-RELEASE and Ports FreeBSD 7.1-RELEASE FreeBSD 7.1-RELEASE and Ports FreeBSD 7.0-RELEASE FreeBSD 6.4-RELEASE FreeBSD 6.4-RELEASE and Ports FreeBSD 6.3-RELEASE FreeBSD 6.3-RELEASE and Ports FreeBSD 6.2-RELEASE FreeBSD 6.1-RELEASE FreeBSD 6.0-RELEASE FreeBSD 6.0-RELEASE and Ports FreeBSD 5.5-RELEASE FreeBSD 5.5-RELEASE and Ports FreeBSD 5.4-RELEASE FreeBSD 5.4-RELEASE and Ports FreeBSD 5.3-RELEASE FreeBSD 5.3-RELEASE and Ports FreeBSD 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE and Ports FreeBSD 5.2-RELEASE FreeBSD 5.2-RELEASE and Ports FreeBSD 5.1-RELEASE FreeBSD 5.0-RELEASE FreeBSD 4.11-RELEASE FreeBSD 4.11-RELEASE and Ports FreeBSD 4.10-RELEASE FreeBSD 4.10-RELEASE and Ports FreeBSD 4.9-RELEASE FreeBSD 4.9-RELEASE and Ports FreeBSD 4.8-RELEASE FreeBSD 4.8-RELEASE and Ports FreeBSD 4.7-RELEASE FreeBSD 4.6.2-RELEASE FreeBSD 4.6.2-RELEASE and Ports FreeBSD 4.6-RELEASE FreeBSD 4.6-RELEASE and Ports FreeBSD 4.5-RELEASE FreeBSD 4.5-RELEASE and Ports FreeBSD 4.4-RELEASE FreeBSD 4.3-RELEASE FreeBSD 4.3-RELEASE and Ports FreeBSD 4.2-RELEASE FreeBSD 4.2-RELEASE and Ports FreeBSD 4.1.1-RELEASE FreeBSD 4.1.1-RELEASE and Ports FreeBSD 4.1-RELEASE FreeBSD 4.0-RELEASE FreeBSD 3.5.1-RELEASE FreeBSD 3.5.1-RELEASE and Ports FreeBSD 3.5-RELEASE and Ports FreeBSD 3.4-RELEASE FreeBSD 3.4-RELEASE and Ports FreeBSD 3.3-RELEASE FreeBSD 3.2-RELEASE FreeBSD 3.1-RELEASE FreeBSD 3.0-RELEASE FreeBSD 2.2.8-RELEASE FreeBSD 2.2.8-RELEASE and Ports FreeBSD 2.2.7-RELEASE FreeBSD 2.2.6-RELEASE FreeBSD 2.2.5-RELEASE FreeBSD 2.2.2-RELEASE FreeBSD 2.2.1-RELEASE FreeBSD 2.1.7.1-RELEASE FreeBSD 2.1.6.1-RELEASE FreeBSD 2.1.5-RELEASE FreeBSD 2.1.0-RELEASE FreeBSD 2.0.5-RELEASE FreeBSD 2.0-RELEASE FreeBSD 1.1.5.1-RELEASE FreeBSD 1.1-RELEASE FreeBSD 1.0-RELEASE FreeBSD Ports 15.0 FreeBSD Ports 15.0.quarterly FreeBSD Ports 14.4 FreeBSD Ports 14.3 FreeBSD Ports 14.2 FreeBSD Ports 14.1 FreeBSD Ports 14.0 FreeBSD Ports 13.5 FreeBSD Ports 13.4 FreeBSD Ports 13.3 FreeBSD Ports 13.2 FreeBSD Ports 13.1 FreeBSD Ports 13.0 FreeBSD Ports 12.4 FreeBSD Ports 12.3 FreeBSD Ports 12.2 FreeBSD Ports 12.1 FreeBSD Ports 12.0 FreeBSD Ports 11.4 FreeBSD Ports 11.3 FreeBSD Ports 11.2 FreeBSD Ports 11.1 FreeBSD Ports 11.0 FreeBSD Ports 10.4 FreeBSD Ports 10.3 FreeBSD Ports 10.2 FreeBSD Ports 10.1 FreeBSD Ports 10.0 FreeBSD Ports 9.3 FreeBSD Ports 9.2 FreeBSD Ports 9.1 FreeBSD Ports 9.0 FreeBSD Ports 8.4 FreeBSD Ports 8.3 FreeBSD Ports 8.2 FreeBSD Ports 8.1 FreeBSD Ports 8.0 FreeBSD Ports 7.4 FreeBSD Ports 7.3 FreeBSD Ports 7.2 FreeBSD Ports 7.1 FreeBSD Ports 7.0 FreeBSD Ports 6.4 FreeBSD Ports 6.3 FreeBSD Ports 6.2 FreeBSD Ports 6.0 FreeBSD Ports 5.5 FreeBSD Ports 5.4 FreeBSD Ports 5.3 FreeBSD Ports 5.2.1 FreeBSD Ports 5.2 FreeBSD Ports 5.1 FreeBSD Ports 4.11 FreeBSD Ports 4.10 FreeBSD Ports 4.9 FreeBSD Ports 4.8 FreeBSD Ports 4.7 FreeBSD Ports 4.6.2 FreeBSD Ports 4.6 FreeBSD Ports 4.5 FreeBSD Ports 4.3 FreeBSD Ports 4.2 FreeBSD Ports 4.1.1 FreeBSD Ports 3.5.1 FreeBSD Ports 3.5 FreeBSD Ports 3.4 FreeBSD Ports 2.2.8 4.4BSD Lite2 4.3BSD NET/2 4.3BSD Reno 2.11 BSD 2.10 BSD 2.9.1 BSD 2.8 BSD 386BSD 0.1 386BSD 0.0 CentOS 7.9 CentOS 7.8 CentOS 7.7 CentOS 7.6 CentOS 7.5 CentOS 7.4 CentOS 7.3 CentOS 7.2 CentOS 7.1 CentOS 7.0 CentOS 6.10 CentOS 6.9 CentOS 6.8 CentOS 6.7 CentOS 6.6 CentOS 6.5 CentOS 6.4 CentOS 6.3 CentOS 6.2 CentOS 6.1 CentOS 6.0 CentOS 5.11 CentOS 5.10 CentOS 5.9 CentOS 5.8 CentOS 5.7 CentOS 5.6 CentOS 5.5 CentOS 5.4 CentOS 4.8 CentOS 3.9 Darwin 8.0.1/ppc Darwin 7.0.1 Darwin 6.0.2/x86 Darwin 1.4.1/x86 Darwin 1.3.1/x86 Debian 14.0 unstable Debian 13.3.0 Debian 12.13.0 Debian 11.11.0 Debian 10.13.0 Debian 9.13.0 Debian 8.11.1 Debian 7.11.0 Debian 6.0.10 Debian 5.0.10 Debian 4.0.9 Debian 3.1.8 Debian 2.2.7 Debian 2.0.0 Dell UNIX SVR4 2.2 DragonFly 6.4.2 DragonFly 5.8.3 DragonFly 4.8.1 DragonFly 3.8.2 DragonFly 2.10.1 DragonFly 1.12.1 DragonFly 1.0A HP-UX 11.22 HP-UX 11.20 HP-UX 11.11 HP-UX 11.00 HP-UX 10.20 HP-UX 10.10 HP-UX 10.01 HP-UX 9.07 HP-UX 8.07 Inferno 4th Edition IRIX 6.5.30 Linux Slackware 3.1 MACH 2.5/i386 macOS 26.3 macOS 15.7.4 macOS 14.8.4 macOS 13.6.5 macOS 12.7.3 macOS 11.1 macOS 10.15.7 macOS 10.13.6 macOS 10.12.0 Minix 3.3.0 Minix 3.2.1 Minix 3.2.0 Minix 3.1.7 Minix 3.1.6 Minix 3.1.5 Minix 2.0.0 NetBSD 10.1 NetBSD 10.0 NetBSD 9.4 NetBSD 9.3 NetBSD 9.2 NetBSD 9.1 NetBSD 9.0 NetBSD 8.3 NetBSD 8.2 NetBSD 8.1 NetBSD 8.0 NetBSD 7.2 NetBSD 7.1.2 NetBSD 7.1 NetBSD 7.0 NetBSD 6.1.5 NetBSD 6.0 NetBSD 5.2.3 NetBSD 5.2 NetBSD 5.1 NetBSD 5.0 NetBSD 4.0.1 NetBSD 4.0 NetBSD 3.1 NetBSD 3.0 NetBSD 2.1 NetBSD 2.0.2 NetBSD 2.0 NetBSD 1.6.2 NetBSD 1.6.1 NetBSD 1.6 NetBSD 1.5.3 NetBSD 1.5.2 NetBSD 1.5.1 NetBSD 1.5 NetBSD 1.4.3 NetBSD 1.4.2 NetBSD 1.4.1 NetBSD 1.4 NetBSD 1.3.3 NetBSD 1.3.2 NetBSD 1.3.1 NetBSD 1.3 NetBSD 1.2.1 NetBSD 1.2 NetBSD 1.1 NetBSD 1.0 NeXTSTEP 3.3 OpenBSD 7.8 OpenBSD 7.7 OpenBSD 7.6 OpenBSD 7.5 OpenBSD 7.4 OpenBSD 7.3 OpenBSD 7.2 OpenBSD 7.1 OpenBSD 7.0 OpenBSD 6.9 OpenBSD 6.8 OpenBSD 6.7 OpenBSD 6.6 OpenBSD 6.5 OpenBSD 6.4 OpenBSD 6.3 OpenBSD 6.2 OpenBSD 6.1 OpenBSD 6.0 OpenBSD 5.9 OpenBSD 5.8 OpenBSD 5.7 OpenBSD 5.6 OpenBSD 5.5 OpenBSD 5.4 OpenBSD 5.3 OpenBSD 5.2 OpenBSD 5.1 OpenBSD 5.0 OpenBSD 4.9 OpenBSD 4.8 OpenBSD 4.7 OpenBSD 4.6 OpenBSD 4.5 OpenBSD 4.4 OpenBSD 4.3 OpenBSD 4.2 OpenBSD 4.1 OpenBSD 4.0 OpenBSD 3.9 OpenBSD 3.8 OpenBSD 3.7 OpenBSD 3.6 OpenBSD 3.5 OpenBSD 3.4 OpenBSD 3.3 OpenBSD 3.2 OpenBSD 3.1 OpenBSD 3.0 OpenBSD 2.9 OpenBSD 2.8 OpenBSD 2.7 OpenBSD 2.6 OpenBSD 2.5 OpenBSD 2.4 OpenBSD 2.3 OpenBSD 2.2 OpenBSD 2.1 OpenBSD 2.0 OpenDarwin 7.2.1 OpenDarwin 6.6.2/x86 OpenDarwin 6.6.1/x86 OpenDarwin 20030208pre4/ppc OpenIndiana 2024.10 OpenIndiana 2022.10 OpenIndiana 2020.10 OpenIndiana 2017.10 OpenIndiana 2015.10 OpenIndiana 2013.08 OpenSolaris 2010.03 OpenSolaris 2009.06 OpenStep 4.2 openSUSE 42.3 openSUSE 42.2 openSUSE 42.1 openSUSE 16.0 openSUSE 15.6 openSUSE 15.5 openSUSE 15.4 openSUSE 15.3 openSUSE 15.2 openSUSE 15.1 openSUSE 15.0 openSUSE 13.2 openSUSE 13.1 openSUSE 11.4 openSUSE 11.3 openSUSE 11.2 openSUSE 10.3 openSUSE 10.2 OSF1 V5.1/alpha OSF1 V4.0/alpha OSF1 V1.0/mips Plan 9 Red Hat 9.0 Red Hat 8.0 Red Hat 7.3 Red Hat 7.2 Red Hat 7.1 Red Hat 7.0 Red Hat 6.2 Red Hat 6.1 Red Hat 5.2 Red Hat 5.0 Red Hat 4.2 Rhapsody DR1 Rhapsody DR2 Rocky 10.1 Rocky 10.0 Rocky 9.7 Rocky 9.6 Rocky 9.5 Rocky 9.4 Rocky 9.3 Rocky 9.2 Rocky 9.1 Rocky 9.0 Rocky 8.10 Rocky 8.9 Rocky 8.8 Rocky 8.7 Rocky 8.6 Rocky 8.5 Rocky 8.4 Rocky 8.3 Sun UNIX 0.4 SunOS 5.10 SunOS 5.9 SunOS 5.8 SunOS 5.7 SunOS 5.6 SunOS 5.5.1 SunOS 4.1.3 SuSE 11.3 SuSE 11.2 SuSE 11.1 SuSE 11.0 SuSE 10.3 SuSE 10.2 SuSE 10.1 SuSE 10.0 SuSE 9.3 SuSE 9.2 SuSE 8.2 SuSE 8.1 SuSE 8.0 SuSE 7.3 SuSE 7.2 SuSE 7.1 SuSE 7.0 SuSE 6.4 SuSE 6.3 SuSE 6.1 SuSE 6.0 SuSE 5.3 SuSE 5.2 SuSE 5.0 SuSE 4.3 SuSE ES 10 SP1 Ubuntu 24.04 noble Ubuntu 23.10 mantic Ubuntu 22.04 jammy Ubuntu 20.04 focal Ubuntu 18.04 bionic Ubuntu 16.04 xenial Ubuntu 14.04 trusty ULTRIX 4.2 Ultrix-32 2.0/VAX Unix Seventh Edition X11R7.4 X11R7.3.2 X11R7.2 X11R6.9.0 X11R6.8.2 X11R6.7.0 XFree86 4.8.0 XFree86 4.7.0 XFree86 4.6.0 XFree86 4.5.0 XFree86 4.4.0 XFree86 4.3.0 XFree86 4.2.99.3 XFree86 4.2.0 XFree86 4.1.0 XFree86 4.0.2 XFree86 4.0.1 XFree86 4.0 XFree86 3.3.6 XFree86 3.3 XFree86 2.1 html pdf ascii

home | help

---

SQ(1)				 User Commands				 SQ(1)

NAME
       sq-pki-link - Manage authenticated certificate and User ID links

SYNOPSIS
       sq pki link add [OPTIONS]
       sq pki link authorize [OPTIONS]
       sq pki link retract [OPTIONS]
       sq pki link list	[OPTIONS] PATTERN

DESCRIPTION
       Manage authenticated certificate	and User ID links.

       Linking	a certificate and User ID is one way of	making `sq` consider a
       binding to be authentic.	 Another way is	to use `sq pki vouch  add`  to
       certify	the  binding  with  an	explicitly configured trust root.  The
       linking functionality is	often easier to	work with, and the information
       is private by default.

       Authenticated bindings can be used to designate a certificate  using  a
       symbolic	 name.	 For instance, using `sq encrypt`'s `--for-userid` and
       `--for-email` options, a	user can designate a certificate using a  User
       ID or an	email address that is authenticated for	that certificate.

       `sq`  also  uses	authenticated certificates to authenticate other data.
       For instance, `sq verify` considers signatures made by an authenticated
       certificate to be authentic.

       Users can create	a link using `sq pki link add`.	 That link  can	 later
       be  retracted  using  `sq pki link retract`.  A certificate can also be
       accepted	as a trusted introducer	by using `sq pki link authorize`.

       `sq` implements linking using non-exportable certifications, and	an im-
       plicit trust root.  An OpenPGP certificate directory, the default  cer-
       tificate	 store	used  by  `sq`,	 includes a local trust	root, which is
       stored under the	`trust-root` special name.  When  the  user  instructs
       `sq`  to	 accept	 a binding, `sq` uses the local	trust root to create a
       non-exportable certification, which it stores in	the certificate	direc-
       tory.  In this way, operations that use the Web of Trust	 to  authenti-
       cate a binding automatically use	links.

       When  a user retracts a link, `sq` creates a new, non-exportable	certi-
       fication	with zero trust.  This certification suppresses	 the  previous
       link.

SUBCOMMANDS
   sq pki link add
       Link a certificate and a	user ID.

       This  causes `sq` to consider the certificate and user ID binding to be
       authentic.  You would do	this if	you are	confident  that	 a  particular
       certificate  should  be associated with Alice, for example.  Note: this
       does not	consider the certificate to be a trusted introducer;  it  only
       considers  the  binding to be authentic.	 To authorize a	certificate to
       be a trusted introducer use `sq pki link	authorize`.

       A link can be retracted using `sq pki link retract`.

       This command is similar to `sq pki vouch	add`, but  the	certifications
       it  makes are done using	the certificate	directory's trust root,	not an
       arbitrary key.  Further,	the certificates are marked as non-exportable.
       The former makes	it easier to manage  certifications,  especially  when
       the  user's  certification key is offline.  And the latter improves the
       user's privacy, by reducing the chance that parts of the	user's	social
       graph is	leaked when a certificate is shared.

       By default a link never expires.	 This can be overridden	using `--expi-
       ration` argument.

       `sq  pki	 link  add`  respects  the reference time set by the top-level
       `--time`	argument. It sets the link's creation time  to	the  reference
       time.

   sq pki link authorize
       Make a certificate a trusted introducer.

       This  causes  `sq` to consider the certificate to be a be a trusted in-
       troducer.  Trusted introducer is	another	word for certification author-
       ity (CA).  When you link	a trusted introducer, you consider  certifica-
       tions made by the trusted introducer to be valid.  A trusted introducer
       can also	designate further trusted introducers.

       As is, a	trusted	introducer has a lot of	power.	This power can be lim-
       ited in several ways.

	 - The ability to specify further introducers can be constrained using
       the `--depth` parameter.

	 -  The	 degree	to which an introducer is trusted can be changed using
       the `--amount` parameter.

	 - The user IDs	that an	introducer can certify can be  constrained  by
       domain using the	`--domain` parameter or	a regular expression using the
       `--regex` parameter.

       These  mechanisms  allow	you to say that	you are	willing	to rely	on the
       CA for example.org, but only for	user IDs that have  an	email  address
       for example.org,	for instance.

       A link can be retracted using `sq pki link retract`.

       This command is similar to `sq pki vouch	authorize`, but	the certifica-
       tions  it  makes	are done using the certificate directory's trust root,
       not an arbitrary	key.  Further, the certificates	are marked as  non-ex-
       portable.   The	former makes it	easier to manage certifications, espe-
       cially when your	certification key is offline.  And the latter improves
       your privacy, by	reducing the chance that parts of  your	 social	 graph
       are leaked when a certificate is	shared.

       By  default  a  link  never expires.  Using the `--expiration` argument
       specific	validity periods may be	defined.  It allows  for  providing  a
       point in	time for validity to end or a validity duration.

       `sq  pki	 link  authorize`  respects  the  reference  time  set	by the
       top-level `--time` argument. It sets the	link's creation	 time  to  the
       reference time.

   sq pki link retract
       Retract links.

       This  command retracts links that were previously created using `sq pki
       link add` or `sq	pki link authorize`.  See that subcommand's documenta-
       tion for	more details. Note: this is called `retract` and not `remove`,
       because the certifications are not removed.  Instead a  new  certifica-
       tion is added, which says that the binding has not been authenticated.

       `sq  pki	link retract` respects the reference time set by the top-level
       `--time`	argument.  This	causes a link to be retracted as of a particu-
       lar time	instead	of the current time.

   sq pki link list
       List links.

       This command lists all bindings that are	linked or whose	link has  been
       retracted.

       Returns	a  non-zero  exit code if an explicitly	designated certificate
       was never linked.

EXAMPLES
   sq pki link add
       Link the	certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 with  the
       email address alice@example.org.

	      sq pki link add \
		     --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
		     --email=alice@example.org

       First,		    examine		  the		   certificate
       EB28F26E2739A4870ECC47726F0073F60FD0CBF0.

	      sq inspect --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0

       Then,	    temporarily		accept	       the	   certificate
       EB28F26E2739A4870ECC47726F0073F60FD0CBF0	 with  all  of its self-signed
       user IDs	for a week.

	      sq pki link add --expiration=1w \
		     --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 --all

       Once	satisfied,     permanently     accept	  the	   certificate
       EB28F26E2739A4870ECC47726F0073F60FD0CBF0	 with  all  of its self-signed
       user IDs.

	      sq pki link add \
		     --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 --all

   sq pki link authorize
       Add an unconstrained trusted introducer.

	      sq pki link authorize --unconstrained \
		     --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 --all

       Add a trusted introducer	for example.org	and example.com.

	      sq pki link authorize --domain=example.org \
		     --domain=example.com \
		     --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 --all

       Add a partially trusted introducer.

	      sq pki link authorize --unconstrained --amount=60	\
		     --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 --all

   sq pki link retract
       Link the	certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 with  the
       email address alice@example.org.

	      sq pki link add \
		     --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
		     --add-email=alice@example.org

       Retract		the	     acceptance		of	   certificate
       EB28F26E2739A4870ECC47726F0073F60FD0CBF0	 and  the  email  address  al-
       ice@example.org.

	      sq pki link retract \
		     --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
		     --email=alice@example.org

       Retract		the	     acceptance		of	   certificate
       EB28F26E2739A4870ECC47726F0073F60FD0CBF0	and any	associated  user  IDs.
       This effectively	invalidates all	links.

	      sq pki link retract \
		     --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 --all

   sq pki link list
       Link  the certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 with the
       email address alice@example.org.

	      sq pki link add \
		     --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
		     --email=alice@example.org

       List all	links.

	      sq pki link list

       List links to certificates with an authenticated	user ID	that  contains
       an email	address	in the specified domain.

	      sq pki link list --cert-domain=example.org

SEE ALSO
       sq(1),	 sq-pki(1),    sq-pki-link-add(1),   sq-pki-link-authorize(1),
       sq-pki-link-retract(1), sq-pki-link-list(1).

       For the full documentation see <https://book.sequoia-pgp.org/>.

VERSION
       1.3.1

Sequoia	PGP			     1.3.1				 SQ(1)

---

NAME | SYNOPSIS | DESCRIPTION | SUBCOMMANDS | EXAMPLES | SEE ALSO | VERSION

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=sq-pki-link&sektion=1&manpath=FreeBSD+Ports+15.0.quarterly>

home | help

---

Legal Notices | © 1995-2026 The FreeBSD Project. All rights reserved.

Contact