Archives/git-secret
2
1
Fork 0
mirror of https://github.com/sobolevn/git-secret synced 2024-11-08 19:10:31 +00:00
Code Issues Projects Releases Wiki Activity
e2754adebe
git-secret/man/man1/git-secret-hide.1
Josh Rabinowitz 9cccf162c6 WIP: test with expired key, add 'whoknows -l' (#287) 
* test with expired key, add 'whoknows -l'

    * 'whoknows -l' shows key expiration dates
    * also added docs and tests for `whoknows -l`,
    * tests for expired keys,
    * epoch_to_date functions

* update man pages

* fix epoch-to-date conversion on OSX

* test output of 'whoknows -l'

* fix for lint/shellcheck

* fix for osx

* lint fix

* use date as found in $PATH

* disable 'set -e' as little as possible
2018-12-05 09:43:48 +03:00

60 lines
2.7 KiB
Groff
Raw Blame History

.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
.TH "GIT\-SECRET\-HIDE" "1" "October 2018" "sobolevn" "git-secret"
.
.SH "NAME"
\fBgit\-secret\-hide\fR \- encrypts all added files with the inner keyring\.
.
.SH "SYNOPSIS"
.
.nf
git secret hide [\-c] [\-F] [\-P] [\-v] [\-d] [\-m]
.
.fi
.
.SH "DESCRIPTION"
\fBgit\-secret\-hide\fR creates an encrypted version (typically called \fBfilename\.txt\.secret\fR) of each file added by \fBgit\-secret\-add\fR command\. Now anyone enabled via \'git secret tell\' can can decrypt these files\. Under the hood, \fBgit\-secret\fR uses the keyring in \fB\.gitsecret/keys\fR and user\'s secret keys to decrypt the files\.
.
.P
It is recommended to encrypt (or re\-encrypt) all the files in a git\-secret repo each time \fBgit secret hide\fR is run\.
.
.P
Otherwise the keychain (the one stored in \fB\.gitsecret/keys/*\.gpg\fR), may have changed since the last time the files were encrypted, and it\'s possible to create a state where the users in the output of \fBgit secret whoknows\fR may not be able to decrypt the some files in the repo, or may be able decrypt files they\'re not supposed to be able to\.
.
.P
In other words, unless you re\-encrypt all the files in a repo each time you \'hide\' any, it\'s possible to make it so some files can no longer be decrypted by users who should be (and would appear) able to decrypt them, and vice\-versa\.
.
.P
If you know what you are doing and wish to encrypt or re\-encrypt only a subset of the files even after reading the above paragraphs, you can use the \-F option to force \fBgit secret hide\fR to skip any hidden files where the unencrypted versions aren\'t present\.
.
.P
Also, it is possible to modify the names of the encrypted files by setting \fBSECRETS_EXTENSION\fR variable\.
.
.P
(See git\-secret(7) \fIhttp://git\-secret\.io/git\-secret\fR for information about renaming the \.gitsecret folder using the SECRETS_DIR environment variable\.
.
.SH "OPTIONS"
.
.nf
\-v \- verbose, shows extra information\.
\-c \- deletes encrypted files before creating new ones\.
\-F \- forces hide to continue if a file to encrypt is missing\.
\-P \- preserve permissions of unencrypted file in encrypted file\.
\-d \- deletes unencrypted files after encryption\.
\-m \- encrypt files only when modified\.
\-h \- shows help\.
.
.fi
.
.SH "MANUAL"
Run \fBman git\-secret\-hide\fR to see this note\.
.
.SH "SEE ALSO"
git\-secret\-init(1) \fIhttp://git\-secret\.io/git\-secret\-init\fR, git\-secret\-tell(1) \fIhttp://git\-secret\.io/git\-secret\-tell\fR, git\-secret\-add(1) \fIhttp://git\-secret\.io/git\-secret\-add\fR, git\-secret\-reveal(1) \fIhttp://git\-secret\.io/git\-secret\-reveal\fR,
.
.br
git\-secret\-cat(1) \fIhttp://git\-secret\.io/git\-secret\-cat\fR
Reference in New Issue View Git Blame Copy Permalink