update init/rekey documentation around keybase entries

2026-05-28 04:10:44 -04:00 · 2016-01-04 14:17:51 -05:00 · 2016-01-04 14:17:51 -05:00 · 139ab81f58
commit 139ab81f58
parent 592e1e5631
2 changed files with 14 additions and 12 deletions
--- a/command/init.go
+++ b/command/init.go
@ -96,12 +96,13 @@ Init Options:

  -pgp-keys               If provided, must be a comma-separated list of
                          files on disk containing binary- or base64-format
-                          public PGP keys. The number of files must match
-                          'key-shares'. The output unseal keys will encrypted
-                          and hex-encoded, in order, with the given public keys.
-                          If you want to use them with the 'vault unseal'
-                          command, you will need to hex decode and decrypt;
-                          this will be the plaintext unseal key.
+                          public PGP keys, or Keybase usernames specified as
+                          "keybase:<username>". The number of given entries
+                          must match 'key-shares'. The output unseal keys will
+                          encrypted and hex-encoded, in order, with the given
+                          public keys.  If you want to use them with the 'vault
+                          unseal' command, you will need to hex decode and
+                          decrypt; this will be the plaintext unseal key.
 `
 	return strings.TrimSpace(helpText)
 }
--- a/command/rekey.go
+++ b/command/rekey.go
@ -233,12 +233,13 @@ Unseal Options:

  -pgp-keys               If provided, must be a comma-separated list of
                          files on disk containing binary- or base64-format
-                          public PGP keys. The number of files must match
-                          'key-shares'. The output unseal keys will encrypted
-                          and hex-encoded, in order, with the given public keys.
-                          If you want to use them with the 'vault unseal'
-                          command, you will need to hex decode and decrypt;
-                          this will be the plaintext unseal key.
+                          public PGP keys, or Keybase usernames specified as
+                          "keybase:<username>". The number of given entries
+                          must match 'key-shares'. The output unseal keys will
+                          encrypted and hex-encoded, in order, with the given
+                          public keys.  If you want to use them with the 'vault
+                          unseal' command, you will need to hex decode and
+                          decrypt; this will be the plaintext unseal key.
 `
 	return strings.TrimSpace(helpText)
 }