@ -41,7 +41,7 @@ Import this key inside your \fBgpg\fR setup (in ~/\.gnupg or similar) by running
Now add this person to your secrets repo by running \fBgit secret tell persons@email\.id\fR
.
.IP"4."4
Then re\-encrypt the files using \fBgit secret reveal; git secret hide\fR\. Now the newly added user be able to decrypt them using \fBgit\-secret\fR and their secret key\.
Then re\-encrypt the files using \fBgit secret reveal; git secret hide\-d\fR\. (The \-d options deletes the unencrypted file after re\-encrypting it)\. Now the newly added user be able to decrypt them using \fBgit\-secret\fR and their secret key\.
@ -14,7 +14,7 @@ These steps cover the basic process of using `git-secret`:
1. Get their `gpg` public-key. **You won't need their secret key.**
2. Import this key inside your `gpg` setup (in ~/.gnupg or similar) by running `gpg --import KEY_NAME`
3. Now add this person to your secrets repo by running `git secret tell persons@email.id`
4. Then re-encrypt the files using `git secret reveal; git secret hide`. Now the newly added user be able to decrypt them using `git-secret` and their secret key.
4. Then re-encrypt the files using `git secret reveal; git secret hide -d`. (The -d options deletes the unencrypted file after re-encrypting it). Now the newly added user be able to decrypt them using `git-secret` and their secret key.
Note that it is possible to add yourself to the system without decrypting existing files. It will be possible to decrypt them after reencrypting them with the new keyring. So, if you don't want unexpected keys added, make sure to configure some server-side security policy with the `pre-receive` hook.
Josh Rabinowitz
6 years ago