safe

Password protected secret keeper
git clone git://git.z3bra.org/safe.git
Log | Files | Refs | README | LICENSE

safe-agent.1 (1745B)


      1 .Dd 2019-06-08
      2 .Dt SAFE-AGENT 1
      3 .Os POSIX.1-2017
      4 
      5 .Sh NAME
      6 .Nm safe-agent
      7 .Nd Digital safe for your secrets
      8 
      9 .Sh SYNOPSIS
     10 .Nm
     11 .Op Fl hdv
     12 .Op Fl t Ar timeout
     13 .Op Fl f Ar socket
     14 
     15 .Sh DESCRIPTION
     16 .Nm
     17 can retain a derivated key and its salt in memroy, and send it over a
     18 UNIX-domain socket to whichever process can read this socket.
     19 .Pp
     20 Pushing a key and its salt is done by writing them to the socket. The
     21 retained key can be instantly forgotten by sending signal
     22 .Ar SIGUSR1 or SIGALRM
     23 to the running agent.
     24 .El
     25 .Bl -tag -width Ds
     26 .It Fl h
     27 Print a quick usage text.
     28 .It Fl d
     29 Do not detach the process from the controlling terminal.
     30 .It Fl v
     31 Turn on verbose mode.
     32 .Nm
     33 will print debugging messages to stderr. This is useful to troubleshoot
     34 connection issues between the agent and the client.
     35 .It Fl t Ar timeout
     36 Retain the key for
     37 .Ar timeout
     38 seconds. This will setup an
     39 .Xr alarm 2
     40 timer, which make the agent forget the key after the timeout.
     41 .It Fl f Ar socket
     42 Bind agent to
     43 .Ar socket
     44 UNIX-domain socket.
     45 (default: /tmp/safe-XXXXXX/agent.ppid)
     46 .Pp
     47 The agent prints will print commands (
     48 .Xr sh 1 )
     49 to stdout, that can be evaluated by the calling shell for exportation
     50 to the environment.
     51 .Pp
     52 Later calls to
     53 .Xr safe 1
     54 will use these environment variables internally to retrieve the key and
     55 use it to encrypt/decrypt the stored secrets.
     56 
     57 .Sh EXAMPLES
     58 .Bd -literal
     59 Retrieve a secret from your safe, using the agent
     60 
     61 	$ eval $(safe-agent)
     62 	$ safe -r
     63 	password:
     64 	$ safe secret/file > kitten.gif
     65 
     66 .Sh ENVIRONMENT
     67 .Bl -tag -width "SAFE_SOCK"
     68 .It Ev SAFE_PID
     69 Stores the PID of the currently running agent.
     70 .It Ev SAFE_SOCK
     71 Stores the path to the UNIX-domain socket used to communicate with
     72 the agent.
     73 
     74 .Sh AUTHORS
     75 .An Willy Goiffon Aq Mt dev@z3bra.org