kr
kr copied to clipboard
kryptco
Allow krpgp to work with keybase select for attestation
Allow krpgp to work with flags passed by keybase pgp select.
Different from #173 as the private key is still kept in the phone app.
Steps to Reproduce:
ln -s /usr/local/bin/krgpg /usr/local/bin/gpgkeybase pgp select- Got error:
ERROR GPG error: exit status 1
NAME:
keybase pgp select - Select a key from GnuPG as your own and register the public half with Keybase
USAGE:
keybase pgp select [command options] [key query]
DESCRIPTION:
"keybase pgp select" looks at the local GnuPG keychain for all
available secret keys. It then makes those keys available for use with keybase.
The steps involved are: (1a) sign a signature chain link with the selected PGP
key and the existing device key; (1b) push this signature and the public PGP
key to the server; and if "--import" flag is passed: (2a) copy the PGP secret half
into your local Keybase keyring; and (2b) encrypt this secret key with Keybase's
local key security mechanism.
By default, Keybase suggests only one PGP public key, but if you want to,
you can supply the "--multi" flag to override this restriction. If you
want your secret key imported into the local Keybase keyring, then use
the "--import" flag. Importing your secret key to Keybase keyring makes
it possible to use Keybase PGP commands like "pgp decrypt" or "pgp sign".
If you don't want to publish signature chain link to Keybase servers, use
"--no-publish" flag. It's only valid when both "--no-publish" and "--import"
flags are used.
This operation will never push your secret key, encrypted or otherwise,
to the Keybase server.
OPTIONS:
--multi Allow multiple PGP keys.
--import Import private key to the local Keybase keyring.
--no-publish Only import to Keybase keyring, do not publish on user profile.
Related code: https://github.com/keybase/client/blob/1c1119c2f4a7117b8c76a8618c344a72410d69be/go/libkb/gpg_index.go#L547-L572
