eyaml(1) command line interface for the hiera eyaml backend

SYNOPSIS

[--help ] [subcommand [subcommand options ] ]

all subcommands

[--help , -h ]
Display help
[--version ]
Display program version
[--verbose , -v ]

[--quiet , -q ]

[--encrypt-method , -n METHOD ]
Override default encryption and decryption method (default: pkcs7)
[--pkcs7-private-key FILE ]
Path to private key (default: ./keys/private_key.pkcs7.pem)
[--pkcs7-public-key FILE ]
Path to public key (default: ./keys/public_key.pkcs7.pem)
[--pkcs7-subject SUBJECT ]
Subject to use for certificate when creating keys (default: /)

eyaml createkeys [options]

Create a new key pair

eyaml decrypt [options]

Decrypt data
[--string STRING ]
Source input STRING is provided as an argument
[--file , -f FILE ]
Source input FILE is a regular file
[--eyaml , -e FILE ]
Source input FILE is an eyaml file
[--stdin ]
Source input is taken from STDIN

eyaml edit FILE

Edit a file

eyaml encrypt [options]

[--password , -p ]
Source input is a password entered on the terminal
[--eyaml , -e FILE ]
Source input FILE is an eyaml file
[--file , -f FILE ]
Source input FILE is a regular file
[--stdin ]
Source input is taken from STDIN
[--string STRING ]
Source input STRING is provided as an argument
[--output , -o ]
Output format of final result (examples, block, string) (default: examples)
[--label , -l LABEL ]
Apply a label to the encrypted result

eyaml recrypt [options]

recrypt an eyaml file

eyaml version

show version information

DESCRIPTION

The command is a command line interface for hiera-eyaml. It is used to create keys, encrypt and decrypt data, and act as a wrapper around a text editor.

EXAMPLES

encrypting data

$ eyaml encrypt --string 'foo bar'
Encrypts the command line argument to "--string", and outputs the encrypted data on two formats, line and block. This can be included in an .eyaml file. The "eyaml" command expects keys to be present in the "./keys/" directory by default.

using the editor wrapper

$ eyaml edit hieradata/common.eyaml
Decrypts the file into a temporary file, and opens the file in a text editor. Values to be encrypted are wrapped in markup. When the file is saved, any changed values are encrypted.

AUTHORS

was written by Geoff Meakin, Peter Dyson, Robert Fielding, Simon Hildrew and Tom Poulton.

This man page was written by Stig Sandbeck Mathisen for the Debian distribution, but may be used by others.

BUGS

The file referenced in "eyaml edit" must exist.

An error in the markup may result in "eyaml edit" not being able to open the file.