1. kbsecret-session(1)
  2. KBSecret Manual
  3. kbsecret-session(1)

NAME

kbsecret-session - create a new kbsecret(1) session

SYNOPSIS

kbsecret session new [options] <label>

kbsecret session rm [options] <session>

DESCRIPTION

Manages kbsecret sessions.

There are two kinds of sessions: team-based and teamless (the default).

Team-based sessions are placed in a team folder managed by Keybase. Teams have access controls and a mutable user list, making them ideal for sharing secrets between members of a changing team.

Teamless sessions are placed in a folder managed by KBSecret itself. Teamless sessions have a fixed number of users, all of whom have full read/write access to all secrets. Teamless sessions are ideal for isolating one's own secrets (single-user sessions).

COMMANDS

new

Creates a new session.

The -t, --team <team> option create a team-based session managed by Keybase.

The -u, --users <users> option designates the list of users sharing the session. Users are separated by commas, Keybase style, with no spacing.

By default, the currently logged-in Keybase user is selected.

This option has no effect if the session is created with -t, --team.

The -r, --root <directory> option designates the directory that all session records will be stored in.

This option has no effect if the session is created with -t, --team.

The -c, --create-team option creates the Keybase team if it does not already exist.

This option has no effect unless the session is created with -t, --team.

The -f, --force option ignores and overwrites the session label if it already exists.

This functionally only "deconfigures" the previous session, leaving its actual files intact.

The -n, --no-notify option prevents a Keybase chat from being sent to the session's members.

This option has no effect if the current user is the only member of the session, or if the session is created with -t. --team.

rm

Deconfigures a given session and, optionally, deletes all records associated with it.

By default, rm only removes the session from the configuration, making it functionally invisible to kbsecret. However, when the -d, --delete option is passed, all records within the session are deleted from KBFS.

The -d or --delete option deletes all records in addition to normal deconfiguration. This is a potentially destructive option; be careful when using it!

EXAMPLES

  $ kbsecret session new --team hackers beta-api
  $ kbsecret session new -ct hackers.topsecret alpha-api
  $ kbsecret session new -r keys-dir old-keys
  $ kbsecret session new -r team -u alice,bob dev-team

  $ kbsecret session rm dev-team
  $ kbsecret session rm -d old-keys

Keybase Teams: https://keybase.io/blog/introducing-keybase-teams

SEE ALSO

kbsecret(1), kbsecret-cp(1), kbsecret-rm(1), kbsecret-sessions(1)

  1. 1.8.1
  2. March 2019
  3. kbsecret-session(1)