Skip to main content

A front-end for GnuPG

Project description

Introduction

gpgkeys is a Python program that allows to conveniently manage GnuPG keys and keyrings from the command line. It comes in the form of a shell, with commands resembling GnuPG CLI commands and their options. Its main feature is end-to-end TAB completion.

gpgkeys also serves as testbed for the development of the kmd and rl Python libraries.

Motivation

The GnuPG CLI is very powerful - and with great power comes great incomprehensibility.

gpgkeys makes key management easy by:

  1. Providing a sensible subset of GnuPG commands, and

  2. Using TAB completion to streamline the input process and guide the user through key management tasks.

Example Session

Everything in gpgkeys can be TAB completed: commands, help topics, option flags, key ids, user names, file names, shell commands, and keyserver URLs.

$ gpgkeys
gpgkeys 1.20 (type help for help)

gpgkeys> help

Available commands (type help <topic>):
=======================================
EOF       del   export  genkey     import   lsign  refresh  shell
checksig  dump  fdump   genrevoke  list     quit   search   sign
clear     edit  fetch   help       listsig  recv   send     version

Shortcut commands (type help <topic>):
======================================
!  .  ?  e  ll  ls

gpgkeys> help export
Usage: export <keyspec>
Options: --armor --clean --minimal --output --secret

Export keys to stdout or to a file

gpgkeys> ls Stefan
pub   1024R/E1F438AD 1995-10-03
uid                  Stefan H. Holek (RSA) <stefan@epy.co.at>

pub   1024D/355A2D28 2001-11-04
uid                  Stefan H. Holek <stefan@epy.co.at>
sub   2048g/A27E0DBC 2004-10-27

gpgkeys> export --armor 355A2D28 > stefan.asc
gpgkeys> .ls
alice.asc             stefan.asc

Some Details

gpgkeys understands shell pipes and input/output redirects. This allows command lines like:

gpgkeys> export 355A2D28 | pgpdump | less

To see the commands gpgkeys sends to GnuPG, run gpgkeys with the -v option:

$ gpgkeys -v
gpgkeys 1.20 (type help for help)

gpgkeys> ls 355A2D28
gpgkeys: gpg --list-keys 355A2D28
pub   1024D/355A2D28 2001-11-04
uid                  Stefan H. Holek <stefan@epy.co.at>
sub   2048g/A27E0DBC 2004-10-27

For everything you ever wanted to know about GnuPG commands, type:

gpgkeys> .man gpg

gpgkeys can be invoked with arguments, in which case it does not enter the command loop:

$ gpgkeys export --armor 355A2D28 > stefan.asc

Keyservers

For the recv, refresh, search, and send commands to work nicely, at least one keyserver should be configured in gpg.conf. For example:

keyserver ldap://keyserver.pgp.com
keyserver hkp://pgp.surfnet.nl

The last keyserver in gpg.conf becomes the default keyserver. All keyservers become available for completion after the --keyserver option.

Unicode

OpenPGP allows user IDs to be either Latin-1 or UTF-8 encoded. In order to locate a key via a non-ASCII name, GnuPG requires the search string to be encoded correctly. In other words, to match a Latin-1 name the search string must itself be Latin-1.

gpgkeys’ key completion keeps track of the original encodings, and every name you TAB complete is automatically encoded to match GnuPG’s expectations. You may sometimes see ? characters in place of non-ASCII characters on the command line, which are the result of the above and no reason for concern.

Development

gpgkeys development is hosted on GitHub. It also has an issue tracker there.

Installation

Installation requires Python 2.5 or higher.

gpgkeys depends on kmd, which in turn uses the rl library. Since rl contains a C extension, it is a good idea to review its installation instructions and make sure all dependencies are in place.

To install the gpgkeys script, type:

easy_install gpgkeys

Then put it on your system PATH by e.g. symlinking it to /usr/local/bin.

Requirements

The gpg command must be available on the system PATH.

Changelog

1.20 - 2012-04-27

  • Save the tty state before executing subprocesses, restore afterwards. [stefan]

  • Support Python 2.5. [stefan]

  • Require term >= 2.0. [stefan]

1.19 - 2012-04-14

  • Include command aliases in help screens. [stefan]

  • Return useful exit codes when gpgkeys is invoked with arguments. [stefan]

  • Fix “double prompt” issue when the edit menu was exited with ^D. [stefan]

  • The import and fdump commands now support input redirection via ‘<’. [stefan]

1.18 - 2011-11-05

  • In Python 3, make sure the input function accepts surrogates. Also see Python issue 13342. [stefan]

  • Keyserver completion broke when it failed to find a gpg.conf file. [stefan]

  • The import command ignored option flags when reading from stdin. [stefan]

  • Add pretty Sphinx-based docs. [stefan]

  • Require kmd >= 2.1. [stefan]

1.17 - 2011-10-06

  • Use the new aliases dictionary to set up command aliases. [stefan]

  • Make sure error messages go to stderr. [stefan]

  • Ignore signals when a pager application is in the foreground. [stefan]

  • Require kmd >= 2.0. [stefan]

1.16.1 - 2011-07-25

  • Fix history file handling silently broken in 1.16. [stefan]

1.16 - 2011-07-14

  • Use kmd.Kmd instead of cmd.Cmd as base class. [stefan]

  • Depend on rl through the kmd dependency only. [stefan]

1.15 - 2011-05-05

  • Require rl >= 1.14. [stefan]

1.14 - 2011-03-24

  • Add ‘!’ and ‘.’ to shortcut commands so they show up in help. [stefan]

  • Drop Python 2.5 support in favor of faster byte string operations in later Python versions. [stefan]

1.13 - 2011-03-11

  • Require rl >= 1.13. [stefan]

1.12 - 2010-05-21

  • Print help when required command arguments are missing. [stefan]

  • Require rl >= 1.11. [stefan]

1.11 - 2010-05-07

  • Change an import statement so 2to3 is able to resolve it. [stefan]

1.10 - 2010-05-05

  • Refactor completions: Extract generic parts into base class. [stefan]

  • Require rl >= 1.10. [stefan]

1.9 - 2010-03-07

  • Rename the del command’s –all option to –secret-and-public. [stefan]

  • Require rl >= 1.6. [stefan]

1.8.2 - 2010-03-01

  • Fix failing tests under Python 3 on Linux. [stefan]

1.8.1 - 2010-02-25

  • Restore Python 2.5 compatibility. D’oh. [stefan]

1.8 - 2010-02-25

  • Support Python 3 via distribute. [stefan]

  • The –fingerprint option may be given more than once. [stefan]

1.7.1 - 2010-02-13

  • Depend on rl >= 1.4.1 explicitly so setuptools does not forget to upgrade it as well. [stefan]

1.7 - 2010-02-13

  • Change license to GPL. [stefan]

1.6 - 2010-01-31

  • Add –clean and –minimal import/export options to respective commands. [stefan]

  • Fix –merge-only import option of keyserver commands. [stefan]

  • Remove the –yes option again since it has no apparent effect. [stefan]

1.5 - 2010-01-26

  • Remove obsolete –secret option from the import command. [stefan]

  • Userid completion is now triggered by any kind of quoting. [stefan]

  • Allow to specifiy command line options after the argument. [stefan]

1.4 - 2010-01-20

  • Extend the quoting and dequoting API to make it more (re)usable. [stefan]

  • Dequoting didn’t work right when the default quoting character was single quote. [stefan]

  • Tildes in quoted filenames could cause quotes to be closed even if the tilde-expanded name matched a directory. [stefan]

1.3 - 2010-01-03

  • Cut down on infrastructure slack in filename completion. The individual strategies are very small. [stefan]

  • Remove logging as it clutters up the code. [stefan]

  • Add an example session to the README. [stefan]

1.2 - 2009-11-24

  • Extend keyid completion to also complete userids and names. [stefan]

  • Extract filename completion functionality into functions, as it is useful in other places as well. [stefan]

1.1 - 2009-11-16

  • Allow to specify the filename quoting style on the command line to ease experimentation. [stefan]

  • Filename completion: By dequoting early on we can skip a problematic hook and regain control over tilde expansion. Also see rl issue/3. [stefan]

1.0 - 2009-11-08

  • Initial release.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

gpgkeys-1.20.zip (38.9 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page