mirror of
https://github.com/sobolevn/git-secret
synced 2024-11-12 07:10:27 +00:00
4dca9f3701
* Closes #653 Add security disclaimer for git-secret-killperson specifying what is and is not readable by a user after having been removed from the repository's keyring * Document addition of disclaimer in changelog
33 lines
1.2 KiB
Markdown
33 lines
1.2 KiB
Markdown
git-secret-killperson - deletes key identified by an email from the inner keyring.
|
|
==================================================================================
|
|
|
|
## SYNOPSIS
|
|
|
|
git secret killperson <emails>...
|
|
|
|
|
|
## DESCRIPTION
|
|
This command removes the keys associated with the selected email addresses from the keyring.
|
|
If you remove a keypair's access with `git-secret-killperson`, and run `git-secret-reveal` and `git-secret-hide -r`,
|
|
it will be impossible for given users to decrypt the hidden files.
|
|
|
|
Using git-secret-killperson and re-encrypting the secrets does not prevent a user from extracting secrets that they have previously had access to.
|
|
The old keyrings and the secrets encrypted with them will still be readable by the user in the git history.
|
|
This means that any secrets that the user has had access to at any time must be changed and re-encrypted after their key has been removed from the keyring.
|
|
|
|
|
|
## OPTIONS
|
|
|
|
-h - shows this help.
|
|
|
|
|
|
## MANUAL
|
|
|
|
Run `man git-secret-killperson` to see this note.
|
|
|
|
|
|
## SEE ALSO
|
|
|
|
[git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-remove(1)](http://git-secret.io/git-secret-remove),
|
|
[git-secret-clean(1)](http://git-secret.io/git-secret-clean)
|