mirror of
https://github.com/sobolevn/git-secret
synced 2024-11-02 21:40:18 +00:00
use 'git secret hide -d' in example
This commit is contained in:
Josh Rabinowitz
parent
6c29ed7eb7
commit
8f6b3876ac
Binary file not shown.
@ -14,7 +14,7 @@ These steps cover the basic process of using `git-secret`:
|
|||||||
1. Get their `gpg` public-key. **You won't need their secret key.**
|
1. Get their `gpg` public-key. **You won't need their secret key.**
|
||||||
2. Import this key inside your `gpg` setup (in ~/.gnupg or similar) by running `gpg --import KEY_NAME`
|
2. Import this key inside your `gpg` setup (in ~/.gnupg or similar) by running `gpg --import KEY_NAME`
|
||||||
3. Now add this person to your secrets repo by running `git secret tell persons@email.id`
|
3. Now add this person to your secrets repo by running `git secret tell persons@email.id`
|
||||||
4. Then re-encrypt the files using `git secret reveal; git secret hide`. Now the newly added user be able to decrypt them using `git-secret` and their secret key.
|
4. Then re-encrypt the files using `git secret reveal; git secret hide -d`. (The -d options deletes the unencrypted file after re-encrypting it). Now the newly added user be able to decrypt them using `git-secret` and their secret key.
|
||||||
|
|
||||||
Note that it is possible to add yourself to the system without decrypting existing files. It will be possible to decrypt them after reencrypting them with the new keyring. So, if you don't want unexpected keys added, make sure to configure some server-side security policy with the `pre-receive` hook.
|
Note that it is possible to add yourself to the system without decrypting existing files. It will be possible to decrypt them after reencrypting them with the new keyring. So, if you don't want unexpected keys added, make sure to configure some server-side security policy with the `pre-receive` hook.
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user