egpg
- Easy GnuPG
egpg
COMMAND [ARGS...] [OPTIONS...]
There are scads of options presented by GnuPG, which are all part of making it the flexible and powerful an encryption framework that it is. But it's extremely complicated to get started with, and that quite reasonably puts people off.
egpg is a wrapper script that tries to simplify the process of using GnuPG. In order to simplify things, it is opinionated about the "right" way to use GnuPG.
init
[dir]
Initialize egpg. Optionally give the directory to be used. If not given, the default directory will be $HOME/.egpg/
migrate
[-d,--homedir gnupghome]
Get keys and contacts from another gpg directory (by default from $GNUPGHOME).
[info
]
Display info about the current configuration and settings.
seal
file [recipient...]
Sign and encrypt a file. The resulting file will have the extension .sealed The original file will be erased.
open
file.sealed
Decrypt and verify the signature of the given file. The file has to end with .sealed and the output will have that extension stripped.
sign
file
Sign a file. The signature will be saved to <file.signature>.
verify
file.signature
Verify the signature. The signed file must be present as well.
default
Use the default GNUPGHOME.
set
option value
Change the settings.
key
command [options...]
Commands for handling the key. For more details see key help
.
contact
command [options...]
Commands for handling the contacts. For more details see contact help
.
gpg
, --
...
Run any gpg command (but using the configuration settings of egpg).
help
Show this help text.
version
Show version information.
[ls
,list
,show
] [-r,--raw | -c,--colons] [-a,--all]
Show the details of the key (optionally in raw format or with colons). A list of all the keys can be displayed as well (including the revoked and expired ones).
gen
,generate
[email name] [-n,--no-passphrase]
Create a new GPG key. If email and name are not given as arguments, they will be asked interactively.
fetch
[-d,--homedir gnupghome] [-k,--key-id key-id]
Get a key from another gpg directory (by default from $GNUPGHOME).
backup
[key-id] [-q,--qrencode]
Backup key to text file. If the option --qrencode is given, then a PDF file with 3D barcode will be generated as well.
restore
file.tgz
Restore key from file.
split
[-d,--dongle dir] [-b,--backup dir]
Split the key into 3 partial keys and store one of them on the dongle (removable device, usb), keep the other one locally, and use the third one as a backup. Afterwards, whenever the key needs to be used, the dongle has to be present.
join
Join two partial keys into a full key and delete the partials.
recover
backup-partial.key.xyz
Recover the key from the backup partial key and from the partial key of the home or the dongle. This is useful when either the dongle or the home partial key is lost.
pass
Change the passphrase.
share
Publish the key to the keyserver network.
renew
,expiration
[date]
Renew the key until the given date (by default 1 month from now).
The date is in free time format, like "2 months", 2020-11-15,
"March 7", "5 years" etc. The date formats are those that are
accepted by the command date -d
(see info date
).
revcert
["description"]
Generate a revocation certificate for the key.
rev
,revoke
[revocation-certificate]
Cancel the key by publishing the given revocation certificate.
rm
,del
,delete
[key-id]
Delete the key.
ls
,list
,show
,find
[contact...] [-r,--raw | -c,--colons]
Show the details of the contacts (optionally in raw format or with colons). A list of all the contacts will be displayed if no one is selected. A contact can be selected by name, email, id, etc.
rm
,del
,delete
contact... [-f,--force]
Delete the given contact(s).
exp
,export
[contact...] [-o,--output file]
Export contact(s) to file.
imp
,import
,add
file
Import (add) contact(s) from file.
fetch
[contact...] [-d,--homedir gnupghome]
Get contacts from another gpg directory (by default from $GNUPGHOME).
fetch-uri
uri...
Retrieve contacts located at the specified URIs.
search
name [-s,--keyserver server]
Search the keyserver network for a person.
receive
,pull
contact-id [-s,--keyserver server]
Download contact from the keyserver network.
certify
contact [-p,--publish] [-l,--level level] [-t,--time time]
You have verified the identity of the contact (the details of the
contact, name, email, etc. are correct and belong to a real
person). With the --publish option you also share your
certification with the world, so that your friends may rely on it
if they wish. The levels of certification are: 0
(unknown
),
1
(onfaith
), 2
(casual
), 3
(extensive
). The time of
certification can be: 0 (unlimited), nd (n days), nw (n
weeks), nm (n months), ny (n years).
uncertify
contact
Revoke the certification of a contact.
trust
contact [-l,--level trust-level]
You have verified the identity of the contact and you also trust
him to be able to verify correctly and honestly the identities of
other people. The trust levels are: 4
(full
), 3
(marginal
), 2
(none
), 1
(unknown
)
key fpr
Show the fingerprint of the key.
contact pick
[-i,--image imagefile]
Read fingerprint as a 2D barcode from camera or from image and receive the given contact from the keyserver network.
key2dongle
[dongle-dir] [-r,--reverse]
Move the sign/cert/main key to dongle. With option --reverse move it back to GNUPGHOME.
~/.egpg/
The default egpg directory.
~/.egpg/.gnupg
The GnuPG directory.
~/.egpg/config.sh
The configuration file.
~/.egpg/customize.sh
Optional customization file.
EGPG_DIR
Overrides the default egpg directory.
GNUPGHOME
The directory used by GnuPG.
The file $EGPG_DIR/customize.sh
can be used to redefine and
customize some functions, without having to touch the code of the main
script. Also, external commands can be customized (or new commands
can be defined) by adding the file $EGPG_DIR/cmd_command.sh
, which
contains the function cmd_command() { . . . }
.
In general, for an external command the script will first look for
$EGPG_DIR/cmd_command.sh
, then for
$LIB/ext/$PLATFORM/cmd_command.sh
, and finally for
$LIB/ext/cmd_command.sh
. The first that is found is loaded and
used. For key commands the name of the file must be
cmd_key_command.sh
and for contact commands it must be
cmd_contact_command.sh
.
Some basic usage is demonstrated on the examples below.
testuser@laptop:~$ rm -rf ~/.egpg/
testuser@laptop:~$ killall -u $USER gpg-agent
testuser@laptop:~$ egpg
No directory '/home/testuser/.egpg'
Try first: egpg init
testuser@laptop:~$ egpg init
mkdir: created directory '/home/testuser/.egpg'
Appended the following lines to '/home/testuser/.bashrc':
---------------8<---------------
### start egpg config
export GPG_TTY=$(tty)
export EGPG_DIR="/home/testuser/.egpg"
#export GNUPGHOME="/home/testuser/.egpg/.gnupg"
### end egpg config
--------------->8---------------
Please reload it to enable the new config:
source "/home/testuser/.bashrc"
testuser@laptop:~$ source "/home/testuser/.bashrc"
testuser@laptop:~$ egpg
EasyGnuPG 2.1-1.0 ( https://github.com/easygnupg/egpg )
EGPG_DIR="/home/testuser/.egpg"
GNUPGHOME="/home/testuser/.egpg/.gnupg"
DONGLE=""
KEYSERVER="hkp://keys.gnupg.net"
GPG_TTY="/dev/pts/18"
SHARE=no
DEBUG=no
No valid key found.
Try first: egpg key gen
or: egpg key fetch
or: egpg key restore
or: egpg key recover
testuser@laptop:~$ egpg key gen test@example.org "Test User"
Creating a new key.
Enter passphrase for the new key:
Retype the passphrase of the key:
Please enter the passphrase to unlock the OpenPGP secret key:
"Test User <test@example.org>"
4096-bit RSA key, ID 01D532A283DC1CBF,
created 2016-06-06.
Passphrase:
id: 01D532A283DC1CBF
uid: Test User <test@example.org>
fpr: 4E91 DD0E EDD7 49F2 B6DE D9CE 01D5 32A2 83DC 1CBF
trust: ultimate
sign: 01D532A283DC1CBF 2016-06-06 2016-07-06
decr: 7BD4B1BE5D76CC0D 2016-06-06 2016-07-06
Revocation certificate is at:
"/home/testuser/.egpg/.gnupg/openpgp-revocs.d/4E91DD0EEDD749F2B6DED9CE01D532A283DC1CBF.rev"
"/home/testuser/.egpg/.gnupg/openpgp-revocs.d/4E91DD0EEDD749F2B6DED9CE01D532A283DC1CBF.rev.pdf"
testuser@laptop:~$ egpg info
EasyGnuPG 2.1-1.0 ( https://github.com/easygnupg/egpg )
EGPG_DIR="/home/testuser/.egpg"
GNUPGHOME="/home/testuser/.egpg/.gnupg"
DONGLE=""
KEYSERVER="hkp://keys.gnupg.net"
GPG_TTY="/dev/pts/18"
SHARE=no
DEBUG=no
id: 01D532A283DC1CBF
uid: Test User <test@example.org>
fpr: 4E91 DD0E EDD7 49F2 B6DE D9CE 01D5 32A2 83DC 1CBF
trust: ultimate
sign: 01D532A283DC1CBF 2016-06-06 2016-07-06
decr: 7BD4B1BE5D76CC0D 2016-06-06 2016-07-06
testuser@laptop:~$ egpg key
id: 01D532A283DC1CBF
uid: Test User <test@example.org>
fpr: 4E91 DD0E EDD7 49F2 B6DE D9CE 01D5 32A2 83DC 1CBF
trust: ultimate
sign: 01D532A283DC1CBF 2016-06-06 2016-07-06
decr: 7BD4B1BE5D76CC0D 2016-06-06 2016-07-06
testuser@laptop:~$ egpg key fpr
4E91 DD0E EDD7 49F2 B6DE D9CE 01D5 32A2 83DC 1CBF
testuser@laptop:~$ egpg key renew 1 year
Please enter the passphrase to unlock the OpenPGP secret key:
"Test User <test@example.org>"
4096-bit RSA key, ID 01D532A283DC1CBF,
created 2016-06-06.
Passphrase:
id: 01D532A283DC1CBF
uid: Test User <test@example.org>
fpr: 4E91 DD0E EDD7 49F2 B6DE D9CE 01D5 32A2 83DC 1CBF
trust: ultimate
sign: 01D532A283DC1CBF 2016-06-06 2017-06-06
decr: 7BD4B1BE5D76CC0D 2016-06-06 2017-06-06
testuser@laptop:~$ echo "This is a test message." > test.txt
testuser@laptop:~$ egpg seal test.txt
Please enter the passphrase to unlock the OpenPGP secret key:
"Test User <test@example.org>"
4096-bit RSA key, ID 01D532A283DC1CBF,
created 2016-06-06.
Passphrase:
testuser@laptop:~$ egpg open test.txt.sealed
Please enter the passphrase to unlock the OpenPGP secret key:
"Test User <test@example.org>"
4096-bit RSA key, ID 7BD4B1BE5D76CC0D,
created 2016-06-06 (main key ID 01D532A283DC1CBF).
Passphrase:
gpg: Signature made Mon 06 Jun 2016 06:28:52 PM CEST
gpg: using RSA key 01D532A283DC1CBF
gpg: Good signature from "Test User <test@example.org>" [ultimate]
testuser@laptop:~$ egpg sign test.txt
Please enter the passphrase to unlock the OpenPGP secret key:
"Test User <test@example.org>"
4096-bit RSA key, ID 01D532A283DC1CBF,
created 2016-06-06.
Passphrase:
testuser@laptop:~$ egpg verify test.txt.signature
gpg: Signature made Mon 06 Jun 2016 06:32:23 PM CEST
gpg: using RSA key 01D532A283DC1CBF
gpg: Good signature from "Test User <test@example.org>" [ultimate]
testuser@laptop:~$ egpg contact search Dashamir
gpg: data source: http://svcs4.riverwillow.net.au:11371
(1) Dashamir Hoxha <dashohoxha@gmail.com>
2048 bit RSA key 562AC309C01D2DBD, created: 2015-12-27, expires: 2020-12-31
(2) Dashamir Hoxha <dashohoxha@gmail.com>
keybase.io/dashohoxha <dashohoxha@keybase.io>
4096 bit RSA key 0967FD258D6414F9, created: 2015-05-27, expires: 2017-01-05
(3) Dashamir Hoxha <dashohoxha@gmail.com>
Dashamir Hoxha <d_hoxha@dogana.gov.al>
2048 bit RSA key FD06AA8E55D59B28, created: 2010-12-12, expires: 2015-12-13 (expired)
Keys 1-3 of 3 for "Dashamir". Enter number(s), N)ext, or Q)uit > 1
testuser@laptop:~$ egpg contact ls
id: 01D532A283DC1CBF
uid: Test User <test@example.org>
fpr: 4E91 DD0E EDD7 49F2 B6DE D9CE 01D5 32A2 83DC 1CBF
trust: ultimate
sign: 01D532A283DC1CBF 2016-06-06 2017-06-06
decr: 7BD4B1BE5D76CC0D 2016-06-06 2017-06-06
id: 562AC309C01D2DBD
uid: Dashamir Hoxha <dashohoxha@gmail.com>
fpr: 1EC0 8B86 1350 EE19 8053 7941 562A C309 C01D 2DBD
sign: 562AC309C01D2DBD 2015-12-27 2020-12-31
decr: 95B9FAD9DEF9A02A 2015-12-27 2020-12-31
testuser@laptop:~$ egpg contact certify Dashamir
Please enter the passphrase to unlock the OpenPGP secret key:
"Test User <test@example.org>"
4096-bit RSA key, ID 01D532A283DC1CBF,
created 2016-06-06.
Passphrase:
pub rsa2048/562AC309C01D2DBD
created: 2015-12-27 expires: 2020-12-31 usage: SC
trust: unknown validity: unknown
Primary key fingerprint: 1EC0 8B86 1350 EE19 8053 7941 562A C309 C01D 2DBD
Dashamir Hoxha <dashohoxha@gmail.com>
This key is due to expire on 2020-12-31.
I have checked this key casually.
testuser@laptop:~$ egpg contact trust Dashamir
uid: Dashamir Hoxha <dashohoxha@gmail.com>
trust: marginal
testuser@laptop:~$ egpg contact ls Dashamir
id: 562AC309C01D2DBD
uid: Dashamir Hoxha <dashohoxha@gmail.com>
fpr: 1EC0 8B86 1350 EE19 8053 7941 562A C309 C01D 2DBD
trust: marginal
sign: 562AC309C01D2DBD 2015-12-27 2020-12-31
decr: 95B9FAD9DEF9A02A 2015-12-27 2020-12-31
certified by: Test User <test@example.org> (01D532A283DC1CBF)
testuser@laptop:~$ egpg contact rm Dashamir
gpg (GnuPG) 2.1.11; Copyright (C) 2016 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
pub rsa2048/562AC309C01D2DBD 2015-12-27 Dashamir Hoxha <dashohoxha@gmail.com>
Delete this key from the keyring? (y/N) y
testuser@laptop:~$ egpg key revoke
Revocation will make your current key useless.
You'll need to generate a new one.
Are you sure about this? [y/N] y
testuser@laptop:~$ egpg key ls
No valid key found.
Try first: egpg key gen
or: egpg key fetch
or: egpg key restore
or: egpg key recover
testuser@laptop:~$ rm -rf ~/.egpg/
testuser@laptop:~$ rm -rf ~/.egpg/
testuser@laptop:~$ killall -u $USER gpg-agent
testuser@laptop:~$ egpg init
mkdir: created directory '/home/testuser/.egpg'
Appended the following lines to '/home/testuser/.bashrc':
---------------8<---------------
### start egpg config
export GPG_TTY=$(tty)
export EGPG_DIR="/home/testuser/.egpg"
#export GNUPGHOME="/home/testuser/.egpg/.gnupg"
### end egpg config
--------------->8---------------
Please reload it to enable the new config:
source "/home/testuser/.bashrc"
testuser@laptop:~$ source "/home/testuser/.bashrc"
testuser@laptop:~$ egpg migrate
Importing key from: /home/testuser/.gnupg
Importing contacts from: /home/testuser/.gnupg
testuser@laptop:~$ egpg key pass
Please enter the passphrase to unlock the OpenPGP secret key:
"Test 1 <test1@exampel.org>"
4096-bit RSA key, ID DB7065FD432FF513,
created 2016-06-06.
Passphrase:
Please enter the new passphrase
Passphrase:
Repeat:
testuser@laptop:~$ egpg default
'/home/testuser/.gnupg' -> '/home/testuser/.gnupg-old'
'/home/testuser/.egpg/.gnupg' -> '/home/testuser/.gnupg'
OK
Afterwards egpg
will use the directory ~/.gnupg
(or whatever is
in the environment variable $GNUPGHOME) for the key and contacts.
testuser@laptop:~$ egpg key share
You must enable sharing first with:
egpg set share yes
testuser@laptop:~$ egpg set share yes
testuser@laptop:~$ egpg key share
testuser@laptop:~$ egpg key2dongle
Enter the dongle directory: /media/testuser/19BA-88F9/
'/home/testuser/.egpg/.gnupg/private-keys-v1.d/C44D9A5C673623B0674F456999EE2607941EC904.key' -> '/media/testuser/19BA-88F9/.gnupg/C44D9A5C673623B0674F456999EE2607941EC904.key'
removed '/home/testuser/.egpg/.gnupg/private-keys-v1.d/C44D9A5C673623B0674F456999EE2607941EC904.key'
Key moved to /media/testuser/19BA-88F9/.gnupg/C44D9A5C673623B0674F456999EE2607941EC904.key
Afterwards, in order to sign or certify, you need to mount the dongle first, otherwise it will not be able to find the key. However you can decrypt without the dongle, because the decrypting secret key is still on your home directory.
You can move back the signing private key like this:
testuser@laptop:~$ egpg key2dongle --reverse
Enter the dongle directory [/media/testuser/19BA-88F9]:
'/media/testuser/19BA-88F9/.gnupg/C44D9A5C673623B0674F456999EE2607941EC904.key' -> '/home/testuser/.egpg/.gnupg/private-keys-v1.d/C44D9A5C673623B0674F456999EE2607941EC904.key'
removed '/media/testuser/19BA-88F9/.gnupg/C44D9A5C673623B0674F456999EE2607941EC904.key'
Key moved to /home/testuser/.egpg/.gnupg/private-keys-v1.d/C44D9A5C673623B0674F456999EE2607941EC904.key
You can split a key into 3 partial keys, so that any 2 of them can be combined to recreate the original key (but a single one is not enough). EasyGnuPG takes advantage of this to save a partial key on the local machine and another partial on a dongle (usb, removable device). The third partial key is used as a backup, to recover the full key in case that the dongle or the computer is lost.
testuser@laptop:~$ egpg key split
Splitting the key: 155E526BA47364BC
Enter the dongle directory: /media/testuser/sdb1
* Backup partial key saved to: /home/testuser/155E526BA47364BC.key.089
* Dongle partial key saved to: /media/testuser/sdb1/.gnupg/155E526BA47364BC.key.113
* Local partial key saved to: /home/testuser/.egpg/.gnupg/155E526BA47364BC.key.129
The key was split successfully. Whenever you need to use the key
(to sign, seal, open, etc.) connect first the dongle to the PC.
Make sure to move the backup out of the PC (for example on the cloud).
You will need it to recover the key in case that you loose the dongle
or the PC (but it cannot help you if you loose both of them).
testuser@laptop:~$ egpg key recover 155E526BA47364BC.key.089
testuser@laptop:~$ egpg key join
Spliting the key into partial keys makes key management safer and more robust. In case that you loose the dongle the key is not deconspired, because a single partial key is not enough to reconstruct the full key. The same goes for the backup partial key; you can store it on cloud and if somebody manages to get it, they still cannot get your key. Similarly, if you loose the dongle or change the PC, you still can recover the key using the remaining partial key and the backup partial key.
testuser@laptop:~$ egpg gpg --list-secret-keys
/home/testuser/.egpg/.gnupg/secring.gpg
------------------------------------
sec 2048R/C01D2DBD 2015-12-27 [expires: 2020-12-31]
uid Dashamir Hoxha <dashohoxha@gmail.com>
ssb 2048R/DEF9A02A 2015-12-27
EasyGnuPG does not allow more than one valid key (which is unexpired and unrevoked). What can you do if you need to use more than one private key? You can use different home directories for EGPG, one for each key, and they will not mess with each-other. Let's see an example of doing this.
testuser@laptop:~$ egpg init ~/.egpg1 <<< n
testuser@laptop:~$ egpg init ~/.egpg2 <<< n
testuser@laptop:~$ egpg init ~/.egpg <<< n
Now add these lines to ~/.bashrc
:
alias egpg1='EGPG_DIR="/home/testuser/.egpg1" egpg'
alias egpg2='EGPG_DIR="/home/testuser/.egpg2" egpg'
export EGPG_DIR="/home/testuser/.egpg"
testuser@laptop:~$ source ~/.bashrc
testuser@laptop:~$ egpg
EasyGnuPG 2.1-1.0 ( https://github.com/easygnupg/egpg )
EGPG_DIR="/home/testuser/.egpg"
GNUPGHOME="/home/testuser/.egpg/.gnupg"
DONGLE=""
KEYSERVER="hkp://keys.gnupg.net"
GPG_TTY="/dev/pts/20"
SHARE=no
DEBUG=no
No valid key found.
Try first: egpg key gen
or: egpg key fetch
or: egpg key restore
or: egpg key recover
testuser@laptop:~$ egpg1
EasyGnuPG 2.1-1.0 ( https://github.com/easygnupg/egpg )
EGPG_DIR="/home/testuser/.egpg1"
GNUPGHOME="/home/testuser/.egpg1/.gnupg"
DONGLE=""
KEYSERVER="hkp://keys.gnupg.net"
GPG_TTY="/dev/pts/20"
SHARE=no
DEBUG=no
No valid key found.
Try first: egpg key gen
or: egpg key fetch
or: egpg key restore
or: egpg key recover
testuser@laptop:~$ egpg2
EasyGnuPG 2.1-1.0 ( https://github.com/easygnupg/egpg )
EGPG_DIR="/home/testuser/.egpg2"
GNUPGHOME="/home/testuser/.egpg2/.gnupg"
DONGLE=""
KEYSERVER="hkp://keys.gnupg.net"
GPG_TTY="/dev/pts/20"
SHARE=no
DEBUG=no
No valid key found.
Try first: egpg key gen
or: egpg key fetch
or: egpg key restore
or: egpg key recover
testuser@laptop:~$ egpg set debug yes
testuser@laptop:~$ egpg sign test.txt
debug: /usr/bin/gpg2 --quiet --status-fd=2 --homedir=/dev/shm/egpg.YoWn6SQbmXGk0 --list-secret-keys --with-colons
debug: /usr/bin/gpg2 --quiet --status-fd=2 --homedir=/dev/shm/egpg.YoWn6SQbmXGk0 --list-keys --with-colons 01965828F3DA198A
debug: /usr/bin/gpg2 --quiet --status-fd=2 --list-keys --fingerprint --with-sig-check --with-colons 01965828F3DA198A
debug: /usr/bin/gpg2 --quiet --status-fd=2 --list-keys --with-colons 01965828F3DA198A
debug: /usr/bin/gpg2 --quiet --status-fd=2 --import /dev/shm/egpg.YoWn6SQbmXGk0/01965828F3DA198A/01965828F3DA198A.pub
[GNUPG:] IMPORT_OK 0 E8C5C6414838799DD062A2B401965828F3DA198A
[GNUPG:] IMPORT_RES 1 0 0 0 1 0 0 0 0 0 0 0 0 0 0
debug: /usr/bin/gpg2 --quiet --no-tty --status-fd=2 --no-tty --batch --command-fd=0 --edit-key 01965828F3DA198A
[GNUPG:] GET_LINE keyedit.prompt
[GNUPG:] GOT_IT
[GNUPG:] GET_LINE edit_ownertrust.value
[GNUPG:] GOT_IT
[GNUPG:] GET_BOOL edit_ownertrust.set_ultimate.okay
[GNUPG:] GOT_IT
[GNUPG:] GET_LINE keyedit.prompt
[GNUPG:] GOT_IT
debug: /usr/bin/gpg2 --quiet --status-fd=2 --local-user 01965828F3DA198A --detach-sign --armor --output test.txt.signature test.txt
[GNUPG:] BEGIN_SIGNING H8
[GNUPG:] PINENTRY_LAUNCHED 20338
Please enter the passphrase to unlock the OpenPGP secret key:
"Test 1 <test1@example.org>"
4096-bit RSA key, ID 01965828F3DA198A,
created 2016-06-06.
Passphrase:
[GNUPG:] SIG_CREATED D 1 8 00 1465233946 E8C5C6414838799DD062A2B401965828F3DA198A
testuser@laptop:~$ egpg set debug no
Copyright (C) 2016 Dashamir Hoxha (dashohoxha@gmail.com). The code is on GitHub at https://github.com/easygnupg/egpg.
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.
gpg2
(1), haveged
(8), parcimonie
(1p), gfsplit
(1), gfcombine
(1).