1GIT-CRYPT(1)                       git-crypt                      GIT-CRYPT(1)
2
3
4

NAME

6       git-crypt - transparent file encryption in Git
7

SYNOPSIS

9       git-crypt [OPTIONS] COMMAND [ARGS...]
10

COMMON COMMANDS

12       git-crypt init
13
14       git-crypt status
15
16       git-crypt lock
17

GPG COMMANDS

19       git-crypt add-gpg-user GPG_USER_ID
20
21       git-crypt unlock
22

SYMMETRIC KEY COMMANDS

24       git-crypt export-key OUTPUT_KEY_FILE
25
26       git-crypt unlock KEY_FILE
27

DESCRIPTION

29       git-crypt enables transparent encryption and decryption of files in a
30       git repository. Files which you choose to protect are encrypted when
31       committed, and decrypted when checked out. git-crypt lets you freely
32       share a repository containing a mix of public and private content.
33       git-crypt gracefully degrades, so developers without the secret key can
34       still clone and commit to a repository with encrypted files. This lets
35       you store your secret material (such as keys or passwords) in the same
36       repository as your code, without requiring you to lock down your entire
37       repository.
38

COMMANDS

40       git-crypt is logically divided into several sub-commands which perform
41       distinct tasks. Each sub-command, and its arguments, are documented
42       below. Note that arguments and options to sub-commands must be
43       specified on the command line after the name of the sub-command.
44
45       init [OPTIONS]
46           Generate a key and prepare the current Git repository to use
47           git-crypt.
48
49           The following options are understood:
50
51           -k KEY_NAME, --key-name KEY_NAME
52               Initialize the given key instead of the default key. git-crypt
53               supports multiple keys per repository, allowing you to share
54               different files with different sets of collaborators.
55
56       status [OPTIONS]
57           Display a list of files in the repository, with their status
58           (encrypted or unencrypted).
59
60           The following options are understood:
61
62           -e
63               Show only encrypted files.
64
65           -u
66               Show only unencrypted files.
67
68           -f, --fix
69               Encrypt files that should be encrypted but were committed to
70               the repository or added to the index without encryption. (This
71               can happen if a file is added before git-crypt is initialized
72               or before the file is added to the gitattributes file.)
73
74       add-gpg-user [OPTIONS] GPG_USER_ID...
75           Add the users with the given GPG user IDs as collaborators.
76           Specifically, git-crypt uses gpg(1) to encrypt the shared symmetric
77           key to the public keys of each GPG user ID, and stores the
78           GPG-encrypted keys in the .git-crypt directory at the root of the
79           repository.
80
81           GPG_USER_ID can be a key ID, a full fingerprint, an email address,
82           or anything else that uniquely identifies a public key to GPG (see
83           "HOW TO SPECIFY A USER ID" in the gpg(1) man page).
84
85           The following options are understood:
86
87           -k KEY_NAME, --key-name KEY_NAME
88               Grant access to the given key, rather than the default key.
89
90           -n, --no-commit
91               Don't automatically commit the changes to the .git-crypt
92               directory.
93
94           --trusted
95               Assume that the GPG keys specified on the command line are
96               trusted; i.e. they actually belong to the users that they claim
97               to belong to.
98
99               Without this option, git-crypt uses the same trust model as
100               GPG, which is based on the Web of Trust by default. Under this
101               model, git-crypt will reject GPG keys that do not have trusted
102               signatures.
103
104               If you don't want to use the Web of Trust, you can either
105               change GPG's trust model by setting the trust-model option in
106               ~/.gnupg/gpg.conf (see gpg(1)), or use the --trusted option to
107               add-gpg-user on a case-by-case basis.
108
109       unlock [KEY_FILE...]
110           Decrypt the repository. If one or more key files are specified on
111           the command line, git-crypt attempts to decrypt using those shared
112           symmetric keys. If no key files are specified, git-crypt attempts
113           to decrypt using a GPG-encrypted key stored in the repository's
114           .git-crypt directory.
115
116           This command takes no options.
117
118       export-key [OPTIONS] FILENAME
119           Export the repository's shared symmetric key to the given file.
120
121           The following options are understood:
122
123           -k KEY_NAME, --key-name KEY_NAME
124               Export the given key, rather than the default key.
125
126       help [COMMAND]
127           Display help for the given COMMAND, or an overview of all commands
128           if no command is specified.
129
130       version
131           Print the currently-installed version of git-crypt. The format of
132           the output is always "git-crypt", followed by a space, followed by
133           the dotted version number.
134

USING GIT-CRYPT

136       First, you prepare a repository to use git-crypt by running git-crypt
137       init.
138
139       Then, you specify the files to encrypt by creating a gitattributes(5)
140       file. Each file which you want to encrypt should be assigned the
141       "filter=git-crypt diff=git-crypt" attributes. For example:
142
143           secretfile filter=git-crypt diff=git-crypt
144           *.key filter=git-crypt diff=git-crypt
145
146       Like a .gitignore file, .gitattributes files can match wildcards and
147       should be checked into the repository. Make sure you don't accidentally
148       encrypt the .gitattributes file itself (or other git files like
149       .gitignore or .gitmodules). Make sure your .gitattributes rules are in
150       place before you add sensitive files, or those files won't be
151       encrypted!
152
153       To share the repository with others (or with yourself) using GPG, run:
154
155           git-crypt add-gpg-user GPG_USER_ID
156
157       GPG_USER_ID can be a key ID, a full fingerprint, an email address, or
158       anything else that uniquely identifies a public key to GPG. Note:
159       git-crypt add-gpg-user will add and commit a GPG-encrypted key file in
160       the .git-crypt directory of the root of your repository.
161
162       Alternatively, you can export a symmetric secret key, which you must
163       securely convey to collaborators (GPG is not required, and no files are
164       added to your repository):
165
166           git-crypt export-key /path/to/key
167
168       After cloning a repository with encrypted files, unlock with with GPG:
169
170           git-crypt unlock
171
172       Or with a symmetric key:
173
174           git-crypt unlock /path/to/key
175
176       That's all you need to do - after git-crypt is set up (either with
177       git-crypt init or git-crypt unlock), you can use git normally -
178       encryption and decryption happen transparently.
179

THE .GITATTRIBUTES FILE

181       The .gitattributes file is documented in gitattributes(5). The file
182       pattern format is the same as the one used by .gitignore, as documented
183       in gitignore(5), with the exception that specifying merely a directory
184       (e.g. "/dir/") is not sufficient to encrypt all files beneath it.
185
186       Also note that the pattern "dir/*" does not match files under
187       sub-directories of dir/. To encrypt an entire sub-tree dir/, place the
188       following in dir/.gitattributes:
189
190           * filter=git-crypt diff=git-crypt
191           .gitattributes !filter !diff
192
193       The second pattern is essential for ensuring that .gitattributes itself
194       is not encrypted.
195

MULTIPLE KEY SUPPORT

197       In addition to the implicit default key, git-crypt supports alternative
198       keys which can be used to encrypt specific files and can be shared with
199       specific GPG users. This is useful if you want to grant different
200       collaborators access to different sets of files.
201
202       To generate an alternative key named KEYNAME, pass the -k KEYNAME
203       option to git-crypt init as follows:
204
205           git-crypt init -k KEYNAME
206
207       To encrypt a file with an alternative key, use the git-crypt-KEYNAME
208       filter in .gitattributes as follows:
209
210           secretfile filter=git-crypt-KEYNAME diff=git-crypt-KEYNAME
211
212       To export an alternative key or share it with a GPG user, pass the -k
213       KEYNAME option to git-crypt export-key or git-crypt add-gpg-user as
214       follows:
215
216           git-crypt export-key -k KEYNAME /path/to/keyfile
217           git-crypt add-gpg-user -k KEYNAME GPG_USER_ID
218
219       To unlock a repository with an alternative key, use git-crypt unlock
220       normally. git-crypt will automatically determine which key is being
221       used.
222

SEE ALSO

224       git(1), gitattributes(5), git-crypt home page[1], GitHub repository[2]
225

AUTHOR

227       Andrew Ayer <agwa@andrewayer.name>
228

NOTES

230        1. git-crypt home page
231           https://www.agwa.name/projects/git-crypt
232
233        2. GitHub repository
234           https://github.com/AGWA/git-crypt
235
236
237
238git-crypt 0.6.0                   2017-11-26                      GIT-CRYPT(1)
Impressum