PIUS

NAME

pius - PGP Individual UID Signer

SYNOPSIS

pius [options] -s <signer-keyid> <keyid> [ <keyid> ... ]
pius [options] -A -r <keyring-path> -s <signer-keyid>

DESCRIPTION

pius is a tool for individually signing all of the UIDs on a set of keys, and emailing an encrypted copy of each such signature to the email address associated with that UID.

As a result of this process, the recipient can choose which signatures to import. Also, signatures of inactive uids are not delivered. This tool greatly reduces time and error when signing keys.

OPTIONS

--version

show program’s version number and exit

-h, --help

show this help message and exit

-A, --all-keys

Sign all keys on the keyring. Requires -r.

-d, --debug

Enable debugging output.

-b PATH, --gpg-path=PATH

Path to gpg binary. [default: /usr/bin/gpg2]

-e, --encrypt-outfiles

Encrypt output files with respective keys.

-H HOSTNAME, --mail-host=HOSTNAME

Hostname of SMTP server. [default: localhost]

-I, --import

Also import the unsigned keys from the keyring into the default keyring. Ignored if -r is not specified, or if it’s the same as the default keyring.

-m FROM-EMAIL, --mail=FROM-EMAIL

Email the encrypted, signed keys to the respective email addresses using FROM-EMAIL as the sender. See also -H and -P.

-M FILE, --mail-text=FILE

Use the text in FILE as the body of email when sending out emails instead of the default text. To see the default text use --print-default-email. Requires -m.

-N, --no-sort-keyring

Do not sort the keyring by name.

-n TO-EMAIL, --override-email=TO-EMAIL

Rather than send to the user, send to this address. Mostly useful for debugging.

-o OUTPUT-DIR, --out-dir=OUTPUT-DIR

Directory to put signed keys in. [default: /tmp/pius_out]

-O, --no-pgp-mime

Do not use PGP/Mime when sending email.

-P PORT, --mail-port=PORT

Port of SMTP server. [default: 587]

-r KEYRING, --keyring=KEYRING

The keyring to use. Be sure to specify full or relative path. Just a filename will cause GPG to assume relative to ˜/.gnupg. [default: ˜/.gnupg/pubring.gpg]

-s SIGNER-KEYID, --signer=SIGNER-KEYID

The keyid to sign with (required).

-f KEYID, --force-signer=KEYID

Force GnuPG to use this exact keyid to sign (do not guess subkey)

-S, --no-mail-tls

Do not use STARTTLS when talking to the SMTP server.

-t TEMP-DIR, --tmp-dir=TEMP-DIR

Directory to put temporary stuff in. [default: /tmp/pius_tmp]

-T, --print-default-email

Print the default email.

-u USER, --mail-user=USER

Authenticate to the SMTP server with username USER. You will be prompted for the password.

-U POLICY-URL, --policy-url=POLICY-URL

Policy URL to include in each signature.

-v, --verbose

Be more verbose.

AUTHOR

PIUS was written by Phil Dibowitz <phil@ipom.com>

This manual page was written by Luke Cycon <lcycon@gmail.com> and Felix Lechner <felix.lechner@gmail.com> for the Debian project, but may be used by others.