This commit is contained in:
@@ -15,10 +15,10 @@ go install sneak.berlin/go/vaultik/cmd/vaultik@latest
|
|||||||
# create a default config file (prints the path it wrote to)
|
# create a default config file (prints the path it wrote to)
|
||||||
vaultik config init
|
vaultik config init
|
||||||
|
|
||||||
# generate an age keypair; keep key.txt somewhere safe and offline —
|
# generate an age keypair; keep the private key file somewhere safe and
|
||||||
# you need it to restore, and the backed-up machine does not need it
|
# offline — you need it to restore, and the backed-up machine does not need it
|
||||||
age-keygen -o key.txt
|
age-keygen -o vaultik_backup_private_key.txt
|
||||||
grep 'public key' key.txt
|
grep 'public key' vaultik_backup_private_key.txt
|
||||||
|
|
||||||
# configure the encryption key and backup destination
|
# configure the encryption key and backup destination
|
||||||
vaultik config set age_recipients.0 age1YOUR_PUBLIC_KEY_HERE
|
vaultik config set age_recipients.0 age1YOUR_PUBLIC_KEY_HERE
|
||||||
|
|||||||
@@ -20,7 +20,8 @@ const defaultConfigTemplate = `# vaultik configuration
|
|||||||
# Age recipient public keys for encryption.
|
# Age recipient public keys for encryption.
|
||||||
# Backups are encrypted to ALL listed recipients. Any one of the corresponding
|
# Backups are encrypted to ALL listed recipients. Any one of the corresponding
|
||||||
# private keys can decrypt. Generate a keypair with:
|
# private keys can decrypt. Generate a keypair with:
|
||||||
# age-keygen -o key.txt && grep 'public key' key.txt
|
# age-keygen -o vaultik_backup_private_key.txt
|
||||||
|
# grep 'public key' vaultik_backup_private_key.txt
|
||||||
age_recipients:
|
age_recipients:
|
||||||
- age1REPLACE_WITH_YOUR_PUBLIC_KEY
|
- age1REPLACE_WITH_YOUR_PUBLIC_KEY
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user