Rechercher une page de manuel
sigul
Langue: en
Version: Jan 2009 (fedora - 01/12/10)
Section: 1 (Commandes utilisateur)
Sommaire
name
sigul - A client for accessing a signing serverSYNOPSIS
sigul [OPTIONS] [COMMAND [COMMAND-ARGS...]]
DESCRIPTION
Connects to a sigul server through a sigul bridge to perform COMMAND.OPTIONS
The global sigul OPTIONS above are distinct from COMMAND-specific options. Only options preceding COMMAND on the command line are treated as global OPTIONS.- --help-commands
- List recognized COMMANDs.
- --batch
- Be more suitable for batch processing: Instead of reading passwords from /dev/tty, read them from the standard input. Each password on standard input is terminated by a NUL (0) byte. The passwords are expected in the same order as when --batch is not specified, except that a new password is expected only once, not twice.
- -c, --config-file PATH
- Use PATH as the per-user configuration file instead of ~/.sigul/client.conf.
- -v, --verbose
- Be more verbose. Using this option twice enables debugging output.
EXIT STATUS
sigul returns with exit status 0 on success, non-zero on error.ADMINISTRATIVE COMMANDS
These commands are only available to signing server administrators, identified with a personal password.- list-users
- List users recognized by the server.
- new-user [--admin] [--with-password] USER
- Add USER to the server. The user will be a server administrator if --admin is specified, and will have a personal password defined if --with-password is specified.
- delete-user USER
- Delete USER on the server. This operation is allowed only after all key access right were revoked from USER.
- user-info USER
- Show information about USER.
- modify-user [--admin {yes|no}] [--new-name NEW_NAME] [--change-password] USER
- Modify USER according to the specified options.
- key-user-info USER KEY
- Show whether USER has access to KEY and whether the user is an administrator for this key.
- modify-key-user [--key-admin {yes|no}] USER KEY
- Modify the access of USER to KEY according to the specified options.
- list-keys
- List keys stored on the server.
- new-key [--key-admin USER] [--name-real REAL_NAME] [--name-comment COMMENT] [--name-email EMAIL] [--expire-date YYYY-MM-DD] KEY
- Create a new key KEY on the server, using the specified name and expiry information, and write the public key to standard output.
If USER is specified, make him the key administrator and only user instead of the invoking user. This is only this user and the users this user grants access can use the key; even signing server administrators can not use the key without knowing a key passphrase of one of the authorized key users.
- import-key [--key-admin USER] KEY KEY_FILE
- Import a public and private key from KEY_FILE to the server, naming it KEY.
If USER is specified, make him the key administrator and only user instead of the invoking user. This is only this user and the users this user grants access can use the key; even signing server administrators can not use the key without knowing a key passphrase of one of the authorized key users.
KEY_FILE should be created using the following command:
-
- gpg --export-secret-key KEY_ID > KEY_FILE
-
- delete-key KEY
- Delete KEY from the server.
- modify-key [--new-name NEW_NAME] KEY
- Modify KEY according to the specified options.
KEY ADMINISTRATION COMMANDS
These commands are available to key administrators, identified with a key passphrase. Some of the commands support a --password option; these commands also available to signing server administrators, identified by their personal password.- list-key-users [--password] KEY
- List users that have access to KEY.
- grant-key-access KEY USER
- Grant access to KEY to USER.
- revoke-key-access [--password] KEY USER
- Revoke access to KEY from USER. This command can not revoke access from the last user of KEY: you must delete KEY instead.
USER COMMANDS
These commands are available to key users, identified with a key passphrase. Some of the commands support a --password option; these commands also available to signing server administrators, identified by their personal password.- get-public-key [--password] KEY
- Write the public key for KEY to standard output.
- change-passphrase KEY
- Change the user's passphrase for KEY. Each user has a separate passphrase for each KEY they have access to.
- sign-text [--output OUTPUT] KEY INPUT_FILE
- Wrap INPUT_FILE in a clear-text signature, and write it to OUTPUT. If OUTPUT is not defined, write the signed text to standard output.
- sign-data [--output OUTPUT] KEY INPUT_FILE
- Create a detached signature for INTPUT_FILE and write it to OUTPUT. If OUTPUT is not defined, write the signed text to standard output, which must not be a terminal.
- sign-rpm [--output OUTPUT] [--store-in-koji] [--koji-only] KEY RPM_ID
- Sign the rpm specified by RPM_ID. RPM_ID can either be a path to a RPM file, or a name-epoch:version-release.arch string that specifies a RPM stored in Koji.
If --store-in-koji is specified, store the generated signature to Koji. Unless --koji-only is specified, write a signed RPM file to OUTPUT, and if OUTPUT is not defined, write it to standard output,
FILES
- /etc/sigul/client.conf
- A system-wide configuration file.
- ~/.sigul/client.conf
- A per-user configuration file. Values defined in this file override the system-wide configuration file.
AUTHORS
Miloslav Trmac <mitr@redhat.com>SEE ALSO
sigul_setup-client(1), sigul_bridge(8), sigul_server(8)Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre