From 8bd64b46608f0a95e396e40d13ebe673d8a55813 Mon Sep 17 00:00:00 2001 From: Charles McGarvey Date: Sat, 2 Dec 2017 10:02:10 -0700 Subject: [PATCH] fix documentation errors --- bin/groupsecret | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/bin/groupsecret b/bin/groupsecret index 472d33f..3c9d1f0 100755 --- a/bin/groupsecret +++ b/bin/groupsecret @@ -26,7 +26,7 @@ L password. The goal of this program is to be easy to use and have few dependencies (or only have dependencies users are likely to already have installed). -L works by encrypting a secret with a symmetric cipher protected by a secure random +groupsecret works by encrypting a secret with a symmetric cipher protected by a secure random passphrase which is itself encrypted by one or more SSH2 RSA public keys. Only those who have access to one of the corresponding private keys are able to decrypt the passphrase and access the secret. @@ -57,7 +57,7 @@ Alias: C<-h> Specify a path to a keyfile which stores a secret and keys. -Defaults to the value of the environment variable C or F. +Defaults to the value of the environment variable L or F. Alias: C<-f> @@ -66,8 +66,7 @@ Alias: C<-f> Specify a path to a PEM private key. This is used by some commands to decrypt the passphrase that protects the secret and is ignored by commands that don't need it. -Defaults to the value of the environment variable L. If that is unset, it -defaults to F<~/.ssh/id_rsa>. +Defaults to the value of the environment variable L or F<~/.ssh/id_rsa>. Alias: C<-k> @@ -86,7 +85,7 @@ encrypt a new passphrase if it ever needs to be changed. Keys that are not embed for in the filesystem; see L. If the C<--update> option is used and a key with the same fingerprint is added, the new key will -replaced the existing key. The default behavior is to skip existing keys. +replace the existing key. The default behavior is to skip existing keys. If the keyfile is storing a secret, the passphrase protecting the secret will need to be decrypted so that access to the secret can be shared with the new key(s). -- 2.43.0