About
gpg-tui is a Terminal User Interface for GnuPG.
It aims to ease the key management operations such as listing/exporting/signing by providing an interface along with the command-line fallback for more complex operations. It is not trying to be a full-fledged interface for all the features that gpg provides but it tries to bring a more interactive approach to key management.
- About
- Requirements
- Installation
- Usage
- Key Bindings
- Approach
- Features
- Roadmap
- Resources
- Social Media
- Funding
- License
- Copyright
Requirements
- Rust:
>=1.46.0 - Core dependencies:
gnupg,gpgme>=1.7.0,libgpg-error - Other dependencies:
libxcb
Installation
Cargo
gpg-tui is available on crates.io:
Arch Linux
gpg-tui can be installed using available AUR packages with an AUR helper:
Or if you prefer, you can clone the AUR packages and compile them with makepkg:
# clone the AUR repository
&&
# build the package
Docker
Docker Hub
See available tags.
Using the Dockerfile
# clone the repository
&&
# build the image
# run the container
Manually
Building from source
# clone the repository
&&
# build and install
Binary releases
See available releases that are automated by Continuous Deployment workflow.
Usage
gpg-tui [FLAGS] [OPTIONS]
FLAGS:
-a, --armor Enables ASCII armored output
--splash Shows the splash screen on startup
-h, --help Prints help information
-V, --version Prints version information
OPTIONS:
--homedir <dir> Sets the GnuPG home directory [env: HOMEDIR=]
-o, --outdir <dir> Sets the output directory [env: OUTDIR=]
-d, --default-key <key> Sets the default key to sign with [env: DEFAULT_KEY=]
-t, --tick-rate <ms> Sets the tick rate of the terminal [env: TICK_RATE=] [default: 250]
-c, --color <color> Sets the accent color of the terminal [env: COLOR=] [default: gray]
-s, --style <style> Sets the style of the terminal [env: STYLE=] [default: plain]
[possible values: plain, colored]
Key Bindings
User Interface
| Key Binding | Action |
|---|---|
? |
show help |
o,space,enter |
show options |
hjkl,arrows,pgkeys |
navigate |
n |
switch to normal mode |
v |
switch to visual mode |
c |
switch to copy mode |
p,C-v |
paste from clipboard |
a |
toggle armored output |
1,2,3 |
set detail level |
t,tab |
toggle detail (all/selected) |
` |
toggle table margin |
m |
toggle table size |
C-s |
toggle style |
/ |
search |
: |
run command |
r,f5 |
refresh application |
q,C-c/d,escape |
quit application |
Key Management
| Key Binding | Action |
|---|---|
x |
export key |
s |
sign key |
e |
edit key |
i |
import key(s) |
f |
receive key |
u |
send key |
g |
generate key |
d,backspace |
delete key |
C-r |
refresh keys |
Approach
Available keys in the keyring (which can be specified via --homedir argument) are showed on a table. This table consists of 2 columns which are key information and user information.
The level of detail that an individual table row shows is determined by detail levels.
Detail Levels
- Minimum: shows only the primary key and user ID.
[sc--] rsa3072/B14085A20355B74DE0CE0FA1E19F76D037BD65B6 │ [u] Example Key <example@key>
- Standard: shows all the subkeys and user IDs.
[sc--] rsa3072/B14085A20355B74DE0CE0FA1E19F76D037BD65B6 │ [u] Example Key <example@key>
| └─(2021-05-14) │ └─[u] Other User ID <example@key>
[--e-] rsa3072/E56CAC142AE5A979BEECB00FB4F68595CAD4E7E5 │
└─(2021-05-14)
- Full: shows signatures.
[sc--] rsa3072/B14085A20355B74DE0CE0FA1E19F76D037BD65B6 │ [u] Example Key <example@key>
| └─(2021-05-14) │ │ └─[13] selfsig (2021-05-16)
[--e-] rsa3072/E56CAC142AE5A979BEECB00FB4F68595CAD4E7E5 │ └─[u] Other User ID <example@key>
└─(2021-05-14) ├─[13] selfsig (2021-05-16)
└─[10] 84C39331F6F85326 Other Signer Key <example@signer> (2021-05-16)
Key Information
An example table entry for the detail level full (which includes subkeys) is explained via reference numbers below.
0: Key flags. Determines what this key can do.
s: signc: certifye: encrypta: authenticate
1: Algorithm of the key.
2: Fingerprint of the key.
3: Indicates that the next key is a subkey.
4: Time information of the key:
- creation time (
Y-m-d) - expiration time (
Y-m-d)
5: Is the key one of the following?
[exp]: expired[rev]: revoked[d]: disabled[i]: invalid[q]: qualified
User Information
An example table entry for the detail level full (which includes other user IDs and signatures) is explained via reference numbers below.
0: Validity of the user.
q: undefinedn: neverm: marginalf: fullu: ultimate?: unknown
1: User ID. (name + email)
2: Indicates the next user ID.
3: Certification level of the signature.
10: no indication11: personal belief but no verification12: casual verification13: extensive verification
4: Indicates that this is a self signature, whereby the users' own private key was used to sign their public key.
5: Key and user ID of the signer. (key + name + email)
6: Time information of the signature.
- creation time (
Y-m-d) - expiration time (
Y-m-d)
7: Is the signature one of the following?
[exp]: expired[rev]: revoked[i]: invalid[!x]: non-exportable
Features
Press ? while running the terminal interface to see information about key bindings and GnuPG configuration.
User Interface
Scrolling
Use arrow or hjkl keys to scroll and navigate through lists/menus/tabs. Additionally, you can use Ctrl-Up/Down combinations or PageUp/PageDown keys to scroll to the top/bottom.
If rows are not fitting on the terminal interface, use Alt + arrow/hjkl keys to individually scroll them.
Options Menu
Most of the actions can be performed using the options menu. Simply press Enter and select what you want to do.
Copy / Paste
There's a copy mode for making it easier to copy particular values to the clipboard. To use this mode, press c followed by one of the key bindings:
x: Copy the exported keyi: Copy the key idf: Copy the key fingerprintu: Copy the user id1,2: Copy the content of the row
Then the value will be copied to the clipboard and the application mode will be reverted to normal.
Press ESC or n to cancel and switch to normal mode during this operation.
Instead of copying values with copy mode, you can use the visual mode which disables the mouse capture. It means that you can select/highlight the text on the interface and copy as you do normally.
visual mode can be used for other purposes such as scrolling via mouse.
Detailed View
Press Tab to toggle the detail level for the selected entry in the list. Number keys (e.g. 1, 2, 3) can be also used to set a specific level.
Press t to toggle the detail level for all entries in the list.
There are couple a of different modes for the size of the tables which changes the details that each entry shows. You can use the m key for switching to different modes.
Search
Press / to search for a value from the currently shown table.
Running commands
Every operation on the terminal interface is handled implicitly by the application-specific commands. So it's possible to do certain things by switching to command mode with pressing : and running commands. (similar to Vim)
For example,
:list pub-> list public keys:set armor true-> enable armored output
A full list of commands can be found here.
Also you can switch between command mode and search by pressing Tab.
Key Management
List
Available keys in the keyring are listed on a table as default. They can be scrolled or the listing type (public/secret keys) can be changed by changing the tab via arrow keys.
See the approach section for more information about the meaning of the table rows.
Export
Press x to export the selected key to a file. The default output directory is $GNUPGHOME/out and can be changed by either using --homedir or --outdir argument.
Additionally, you can enable/disable armored output by pressing a.
Sign
Press s to sign the selected key with the default secret key. This key can be specified with --default-key argument.
This feature uses gpg fallback and runs gpg --sign-key command.
Edit
Press e to edit the selected key.
This feature uses gpg fallback and runs gpg --edit-key command. It presents a menu that provides a list of options to change the key details. See the edit-key documentation for more information.
Import/Receive
Import operation is done by using the :import command. So press i to switch to command mode (which will automatically add the import command) and then give it your file(s) to import.
Similar to import, receive operation is also done by using a command which is :receive. So press f (for fetching keys from a keyserver) and give it your key ID(s).
This feature uses gpg fallback and runs gpg --receive-keys command.
Send
Press u (for uploading to the keyserver) followed by y (for confirmation) to send the selected key to the default keyserver.
Generate
Press g to generate a new key pair.
This feature uses gpg fallback and runs gpg --full-generate-key command. It presents dialogs for all of the generation options.
Delete
Press Backspace followed by y (for confirmation) to delete the selected key from the keyring.
Refresh
Press Ctrl-y for refreshing the keyring.
This feature uses gpg fallback and runs gpg --refresh-keys command.
Styling
You can customize the look of gpg-tui to get rid of its boring and minimalistic vibe. (!)
Colors
To enable colors, you can specify a style with --style argument or press Ctrl-S while running for toggling the style. Currently, only one style is supported which is colored.
If the default accent color of the interface causes problems with your theme or if you just want to change it to something more vivid, you can use --color argument to specify another color in HEX format.
Splash screen
There is a splash screen that shows the project's logo for a couple of seconds if --splash flag is present. It's purely cosmetical.
To enable colors for the splash screen, use the colored style.
Roadmap
Platforms
gpg-tui is tested on Linux systems during the development phase. It should be tested on other platforms such as Microsoft Windows and macOS and found issues should be reported for future compatibility with these platforms.
Packaging
gpg-tui should be more and easily accessible for other platforms/distributions. Thus, it should be packaged for package managers such as Homebrew and APT. If you're a packager and want to contribute, feel free to submit an issue or start a discussion!
Command-Line Fallback
Some of the features of gpg-tui require the execution of the CLI program gpg in order to operate. This is due to the fact that designing a TUI for the menus that gpg already provides is redundant and time-consuming. Also, in case these menus will change in the future, it is better to rely on the gpg rather than implementing these options using GPGME. On the other hand, gpg has some commands that GPGME doesn't directly provide. (e.g --refresh-keys) So it is more convenient to utilize gpg for these cases.
The plan for the future of gpg-tui is utilizing gpg when it is necessary, depending on whether if it is more convenient for the user.
Key Management Only
gpg-tui only aims to do key management for now, although it can do much more utilizing GPGME and/or gpg. It's due to the design choice and also for setting the boundaries of the project.
Resources
About the project
External Links
- GnuPG Documentation
- Understanding PGP/GPG Key Server Output
- What is the meaning of GnuPG's --list-sigs output?
Social Media
Funding
If you find gpg-tui and/or other projects on my GitHub profile useful, consider becoming a patron!
License
Copyright
Copyright © 2021, Orhun Parmaksız