Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
TARSNAP-KEYMGMT(1)	    General Commands Manual	    TARSNAP-KEYMGMT(1)

NAME
       tarsnap-keymgmt -- generate subsets of tarsnap(1) key files

SYNOPSIS
       tarsnap-keymgmt	--outkeyfile  new-key-file  [-r]  [-w]	[-d]  [--nuke]
		       [--passphrased]	      [--passphrase-mem	       maxmem]
		       [--passphrase-time maxtime] key-file ...
       tarsnap-keymgmt --print-key-id key-file
       tarsnap-keymgmt --print-key-permissions key-file
       tarsnap-keymgmt --version

DESCRIPTION
       tarsnap-keymgmt	reads the provided key files and writes	a new key file
       (specified by --outkeyfile new-key-file)	containing only	the  keys  re-
       quired  for  the	 operations  specified	via  the  -r (list and extract
       archives), -w (write archives), -d (delete archives), and --nuke	flags.
       Note that -d implies -r since it	is impossible to delete	an  individual
       archive	without	being able to read it; while a key file	generated with
       --nuke can be used to delete all	the archives stored, but not  individ-
       ual archives.

       The  following  list  shows  which permissions are required for various
       tarsnap(1) command modes.

	   --recover
		 requires either (1) -d	(archive deleting),  (2)  -w  (archive
		 creating), or (3) --nuke keys.

	   --fsck
		 requires either (1) both -w (archive writing) and -r (archive
		 reading) keys,	or (2) -d (archive deleting) keys.

	   --fsck-prune
		 requires  -d  (archive	 deleting)  keys, since	it needs to be
		 able to delete	corrupted archives.

       If the --passphrased option is specified, the user will be prompted  to
       enter a passphrase (twice) to be	used to	encrypt	the key	file.

       If the --passphrase-mem maxmem option is	specified, a maximum of	maxmem
       bytes  of RAM will be used in the scrypt	key derivation function	to en-
       crypt the key file; it may be necessary to set this  option  if	a  key
       file  is	being created on a system with far more	RAM than the system on
       which the key file will be used.

       If the --passphrase-time	maxtime	option is specified, a maximum of  ap-
       proximately  maxtime  seconds will be used in the scrypt	key derivation
       function	to encrypt the key file.

       Note that if none of the	-w, -r,	-d, or --nuke options are specified, a
       key file	will be	produced which does not	contain	 any  keys.   This  is
       probably	not very useful.

       The  --print-key-id  key-file option displays the 64-bit	integer	corre-
       sponding	to the key's machine number.  This may be useful  for  scripts
       or  GUIs	which manage a user's Tarsnap account, but is not likely to be
       helpful for command-line	use.

       The --print-key-permissions key-file option  displays  the  permissions
       which the key possesses.

       The --version option prints the version number of tarsnap-keymgmt, then
       exits.

FreeBSD	ports 15.0		March 20, 2025		    TARSNAP-KEYMGMT(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=tarsnap-keymgmt&sektion=1&manpath=FreeBSD+Ports+15.0>

home | help