pius - PGP Individual UID Signer
pius [options] -s <signer-keyid>
<keyid> [ <keyid> ... ]
pius [options] -A -r <keyring-path>
-s <signer-keyid>
pius is a tool for individually signing all of the UIDs on
a set of keys, and emailing an encrypted copy of each such signature to the
email address associated with that UID.
As a result of this process, the recipient can choose which
signatures to import. Also, signatures of inactive uids are not delivered.
This tool greatly reduces time and error when signing keys.
- --version
- show program's version number and exit
- -h, --help
- show this help message and exit
- -a,
--use-agent
- Use gpg-agent instead of letting gpg prompt the user or every UID.
[default: true]
- -A,
--all-keys
- Sign all keys on the keyring. Requires -r.
- -d, --debug
- Enable debugging output.
- -b PATH,
--gpg-path=PATH
- Path to gpg binary. [default: /usr/bin/gpg2]
- -e,
--encrypt-outfiles
- Encrypt output files with respective keys.
- -H HOSTNAME,
--mail-host=HOSTNAME
- Hostname of SMTP server. [default: localhost]
- -i,
--interactive
- Use the pexpect module for signing and drop to the gpg shell for entering
the passphrase. [default: false]
- -I, --import
- Also import the unsigned keys from the keyring into the default keyring.
Ignored if -r is not specified, or if it's the same as the default
keyring.
- -m FROM-EMAIL,
--mail=FROM-EMAIL
- Email the encrypted, signed keys to the respective email addresses using
FROM-EMAIL as the sender. See also -H and -P.
- -M FILE,
--mail-text=FILE
- Use the text in FILE as the body of email when sending out emails
instead of the default text. To see the default text use
--print-default-email. Requires -m.
- -N,
--no-sort-keyring
- Do not sort the keyring by name.
- -n TO-EMAIL,
--override-email=TO-EMAIL
- Rather than send to the user, send to this address. Mostly useful for
debugging.
- -o OUTPUT-DIR,
--out-dir=OUTPUT-DIR
- Directory to put signed keys in. [default: /tmp/pius_out]
- -O,
--no-pgp-mime
- Do not use PGP/Mime when sending email.
- -p,
--cache-passphrase
- Cache private key passphrase in memory and provide it to gpg instead of
letting gpg prompt the user for every UID. [default: false]
- -P PORT,
--mail-port=PORT
- Port of SMTP server. [default: 25]
- -r KEYRING,
--keyring=KEYRING
- The keyring to use. Be sure to specify full or relative path. Just a
filename will cause GPG to assume relative to ~/.gnupg. [default:
~/.gnupg/pubring.gpg]
- -s SIGNER-KEYID,
--signer=SIGNER-KEYID
- The keyid to sign with (required).
- -f KEYID,
--force-signer=KEYID
- Force GnuPG to use this exact keyid to sign (do not guess subkey)
- -S,
--no-mail-tls
- Do not use STARTTLS when talking to the SMTP server.
- -t TEMP-DIR,
--tmp-dir=TEMP-DIR
- Directory to put temporary stuff in. [default: /tmp/pius_tmp]
- -T,
--print-default-email
- Print the default email.
- -u USER,
--mail-user=USER
- Authenticate to the SMTP server with username USER. You will be
prompted for the password.
- -U POLICY-URL,
--policy-url=POLICY-URL
- Policy URL to include in each signature.
- -v, --verbose
- Be more verbose.
PIUS was written by Phil Dibowitz <phil@ipom.com>
This manual page was written by Luke Cycon
<lcycon@gmail.com> and Felix Lechner <felix.lechner@gmail.com>
for the Debian project, but may be used by others.