Provided by: sq_0.40.0-1_amd64 
NAME
sq keyring - Manage collections of keys or certs
SYNOPSIS
sq keyring list [OPTIONS] FILE
sq keyring split [OPTIONS] FILE
sq keyring merge [OPTIONS] FILE
sq keyring filter [OPTIONS] FILE
DESCRIPTION
Manage collections of keys or certs.
Collections of keys or certificates (also known as "keyrings" when they contain secret key
material, and "certrings" when they don't) are any number of concatenated certificates.
This subcommand provides tools to list, split, merge, and filter keyrings.
Note: In the documentation of this subcommand, we sometimes use the terms keys and certs
interchangeably.
SUBCOMMANDS
sq keyring list
List keys in a keyring.
Prints the fingerprint as well as the primary userid for every certificate encountered in
the keyring.
sq keyring split
Split a keyring into individual keys.
Splitting up a keyring into individual keys helps with curating a keyring.
The converse operation is `sq keyring merge`.
sq keyring merge
Merge keys or keyrings into a single keyring.
Multiple versions of the same certificate are merged together. Where data is replaced
(e.g., secret key material), data from the later certificate is preferred.
sq keyring filter
Join keys into a keyring applying a filter.
This can be used to filter keys based on given predicates, e.g. whether they have a user
id containing an email address with a certain domain. Additionally, the keys can be
pruned to only include components matching the predicates.
If no filters are supplied, everything matches.
If multiple predicates are given, they are or'ed, i.e., a key matches if any of the
predicates match. To require all predicates to match, chain multiple invocations of this
command. See EXAMPLES for inspiration.
Note: this command is considered experimental and may change in future releases. To
acknowledge this, you must give the `--experimental` flag when invoking this command.
EXAMPLES
sq keyring list
List all certificates.
sq keyring list certs.pgp
List all certificates with a user ID on example.org.
sq keyring filter --experimental --domain=example.org \
certs.pgp \
| sq keyring list
sq keyring split
Split all certificates.
sq keyring split certs.pgp
Split all certificates, merging them first to avoid duplicates.
sq keyring merge certs.pgp \
| sq keyring split
sq keyring merge
Merge certificate updates.
sq keyring merge bob.pgp bob-updates.pgp
sq keyring filter
Convert all keys to certificates (i.e. remove any secret key material).
sq keyring filter --experimental --to-cert certs.pgp
Get all certificates with a user ID on example.org.
sq keyring filter --experimental --domain=example.org \
certs.pgp
Get all certificates with a user ID on example.org or example.net.
sq keyring filter --experimental --domain=example.org \
--domain=example.net certs.pgp
Get all certificates with a name user ID matching Romeo.
sq keyring filter --experimental --name=Romeo certs.pgp
Get all certificates with a name user ID matching Romeo on example.org.
sq keyring filter --experimental --domain=example.org \
certs.pgp \
| sq keyring filter --experimental --name=Romeo
Get all certificates with a user ID on example.org, pruning other user IDs.
sq keyring filter --experimental --domain=example.org \
--prune-certs certs.pgp
SEE ALSO
sq(1), sq-keyring-list(1), sq-keyring-split(1), sq-keyring-merge(1), sq-keyring-filter(1).
For the full documentation see <https://book.sequoia-pgp.org>.
VERSION
0.40.0 (sequoia-openpgp 1.21.2)