diff options
author | Joey Hess <joeyh@joeyh.name> | 2016-10-22 18:14:29 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2016-10-22 18:14:29 -0400 |
commit | 30e1b6cfe9eda7dc8711d4530f336ec68c29967d (patch) | |
tree | 2ed97c719536c0b53967ec1a599284efca671e55 | |
parent | a9cff01c0dba9935fd7c0808bfacf81300844f9d (diff) | |
parent | 697da17c9245de3adccfa6b8fe5ddc4faa1d330f (diff) | |
download | keysafe-30e1b6cfe9eda7dc8711d4530f336ec68c29967d.tar.gz |
Merge remote-tracking branch 'spwhitton/lintian'
-rw-r--r-- | keysafe.1 | 34 | ||||
-rw-r--r-- | keysafe.desktop | 1 | ||||
-rw-r--r-- | keysafe.hs | 2 |
3 files changed, 19 insertions, 18 deletions
@@ -29,7 +29,7 @@ to decrypt. This makes it hard for an attacker to crack your password, because each guess they make costs them. .PP Keysafe is designed so that it should take millions of dollars of computer -time to crack any fairly good password. With a truely good +time to crack any fairly good password. With a truly good password, such as four random words, the cracking cost should be many trillions of dollars. Keysafe checks your password strength (using the zxcvbn library), and shows an estimate of the cost to crack your password, @@ -64,21 +64,21 @@ and --port and --address to configure how the server listens to connections. It's recommended to only expose keysafe servers over a tor hidden service. .PP -.IP --backup-server BACKUPDIR +.IP "--backup-server BACKUPDIR" Run on a server, populates the BACKUPDIR with a gpg encrypted backup of all the objects stored in the --store-directory. This is designed to be rsynced offsite (with --delete) to back up a keysafe server with minimal information leakage. .PP -.IP --restore-server BACKUPDIR +.IP "--restore-server BACKUPDIR" Restore all objects present in the gpg-encrypted backups in the specified directory. .PP -.IP --chaff HOSTNAME +.IP "--chaff HOSTNAME" Upload random data to a keysafe server. --port can be used to specify the server's port. Continues uploading data until interrupted with ctrl-c. .PP -.IP --chaff-max-delay SECONDS +.IP "--chaff-max-delay SECONDS" Specify a delay between chaff uploads. Will delay a random amount between 0 and this many seconds. .PP @@ -94,17 +94,17 @@ Benchmark speed of keysafe's cryptographic primitives. .IP --test Run test suite. .PP -.IP --gpgkeyid KEYID +.IP "--gpgkeyid KEYID" Specify keyid of gpg key to back up or restore. This is useful if you have multiple gpg keys. But, when this option is used to back up a key, you have to also provide it to restore that key. .PP -.IP --keyfile FILE +.IP "--keyfile FILE" To back up anything other than a gpg secret key, use this option. To restore from the backup, you must use this same option, and pass the exact same filename. .PP -.IP --store-directory dir +.IP "--store-directory dir" Where to store data locally. For the client, data is stored here before it is uploaded to the server. For the server, this is where it stores its data. @@ -115,7 +115,7 @@ Use GUI interface for interaction. Default is to use readline interface when run in a terminal, and GUI otherwise. The GUI currently is implemented using zenity(1). .PP -.IP --totalshares M --neededshares N +.IP "--totalshares M --neededshares N" These options have to be specified together. The default values are --totalshares 3 --neededshares 2. Keysafe uses Shamir secret sharing to create M shares of the encrypted @@ -124,37 +124,37 @@ To restore the data, only N of the shares are needed. If you specify these options when backing up a secret key, you also must specify them with the same values to restore that secret key. .PP -.IP --name N +.IP "--name N" Specify name used for key backup/restore, avoiding the usual prompt. .PP -.IP --othername N +.IP "--othername N" Specify other name used for key backup/restore, avoiding the usual prompt. .PP -.IP --add-storage-directory DIR +.IP "--add-storage-directory DIR" Add the directory to the list of locations keysafe will use for backup/restore of keys. Keysafe will use the directory first, before any of its built-in servers. .PP -.IP --add-server HOST[:PORT] +.IP "--add-server HOST[:PORT]" Add the server to the server list which keysafe will use for backup/restore of keys. Keysafe will use the server first before any of its built-in servers. .PP -.IP --port P +.IP "--port P" Port for server to listen on. (default: 80) .PP -.IP --address A +.IP "--address A" Address for server to bind to. (Use "*" to bind to all addresses.) (default: "127.0.0.1") .PP -.IP --months-to-fill-half-disk N +.IP "--months-to-fill-half-disk N" Server rate-limits requests and requires proof of work, to avoid too many objects being stored. This is an lower bound on how long it could possibly take for half of the current disk space to be filled. (default: 12) .PP -.IP --motd MESSAGE +.IP "--motd MESSAGE" The server's Message Of The Day. .PP .IP --testmode diff --git a/keysafe.desktop b/keysafe.desktop index fd82b85..51077c0 100644 --- a/keysafe.desktop +++ b/keysafe.desktop @@ -6,3 +6,4 @@ Comment=Back up or restore your private Gnupg key with Keysafe Terminal=false Exec=/usr/bin/keysafe Categories=Network; +Keywords=backup;key;encryption;gnupg;openpgp;pgp;gpg @@ -144,7 +144,7 @@ backup cmdline ui tunables distinguisher (secretkeysource, secretkey) = do if queued then do willautostart <- isAutoStartFileInstalled - showInfo ui "Backup queued" $ "Some data was not sucessfully uploaded to servers, and has been queued for later upload." + showInfo ui "Backup queued" $ "Some data was not successfully uploaded to servers, and has been queued for later upload." ++ if willautostart then "" else " Run keysafe --uploadqueued at a later point to finish the backup." else showInfo ui "Backup success" "Your secret key was successfully encrypted and backed up." StoreFailure s -> showError ui ("There was a problem storing your encrypted secret key: " ++ s) |