.RS
.RE
.TP
+.B commit [\f[I]arguments\f[]]
+Alias to "git commit".
+.RS
+.RE
+.TP
.B ls <\f[I]path\f[]>
List contents from the toplevel repository \f[I]keys\f[] folder or from
relative paths if \f[I]path\f[] is specified.
into the text editor defined by the \f[I]$EDITOR\f[] environment
variable and then re-encrypting it.
.RS
+.PP
+Please make sure to use an
+\f[I]\f[I]E\f[]\f[I]D\f[]\f[I]I\f[]\f[I]T\f[]\f[I]O\f[]\f[I]R\f[] * \f[I]w\f[]\f[I]h\f[]\f[I]i\f[]\f[I]c\f[]\f[I]h\f[]\f[I]d\f[]\f[I]o\f[]\f[I]e\f[]\f[I]s\f[]\f[I]n\f[]\f[I]o\f[]\f[I]t\f[]\f[I]l\f[]\f[I]e\f[]\f[I]a\f[]\f[I]k\f[]\f[I]d\f[]\f[I]a\f[]\f[I]t\f[]\f[I]a\f[]\f[I]l\f[]\f[I]i\f[]\f[I]k\f[]\f[I]e\f[]\f[I]h\f[]\f[I]i\f[]\f[I]s\f[]\f[I]t\f[]\f[I]o\f[]\f[I]r\f[]\f[I]y\f[]\f[I]b\f[]\f[I]u\f[]\f[I]f\f[]\f[I]f\f[]\f[I]e\f[]\f[I]r\f[]\f[I]s\f[]. \f[I]K\f[]\f[I]e\f[]\f[I]y\f[]\f[I]r\f[]\f[I]i\f[]\f[I]n\f[]\f[I]g\f[]\f[I]e\f[]\f[I]r\f[]\f[I]t\f[]\f[I]r\f[]\f[I]i\f[]\f[I]e\f[]\f[I]s\f[]\f[I]t\f[]\f[I]o\f[]\f[I]d\f[]\f[I]e\f[]\f[I]t\f[]\f[I]e\f[]\f[I]c\f[]\f[I]t\f[]\f[I]i\f[]\f[I]f\f[] * EDITOR\f[]
+is set to VIM and disables the \f[I]\&.viminfo\f[] file.
.RE
.TP
.B encrypt <\f[I]secret\f[]> [\f[I]file\f[]]
encryption, and which secrets are encrypted to which keys.
This can be improved in the future by encrypting the repository
configuration with support for the \f[I]\-\-hidden-recipient\f[] GnuPG
-option.
+option and encrypted repository options.
+.PP
+To mitigate that, it\[aq]s possible to keep the repo just atop of an
+encrypted and non-public place.
.IP "2." 3
History is not rewritten by default when secrets are removed from a
keyringer repository.
Users wishing to edit their repository history should proceed manually
using the \f[I]git\f[] action.
.RE
+.IP "3." 3
+Keyringer does not protect data which were not encrypted to a keyring,
+so be careful when decrypting secrets and writing them to the disk or
+other storage media.
.SH SEE ALSO
.PP
The \f[I]README\f[] file distributed with Keyringer contains full
projects / keyringer.git / commitdiff