diff options
Diffstat (limited to 'cli/icevault.1')
| -rw-r--r-- | cli/icevault.1 | 93 |
1 files changed, 36 insertions, 57 deletions
diff --git a/cli/icevault.1 b/cli/icevault.1 index 7db6be9..0768b68 100644 --- a/cli/icevault.1 +++ b/cli/icevault.1 @@ -4,17 +4,7 @@ IceVault \- IceVault client user interface .SH SYNOPSIS -.B icevault\fR [\fIOPTIONS\fR] [\fBfill\fR] \fIscheme\fR://\fIhostname\fR/\fIidentity\fR -.br -.B icevault\fR [\fIOPTIONS\fR] \fBinsert\fR [\fIidentity\fR] -.br -.B icevault\fR [\fIOPTIONS\fR] \fBdump\fR \fIscheme\fR://\fIhostname\fR/\fIidentity\fR -.br -.B icevault\fR [\fIOPTIONS\fR] \fBclip\fR \fIscheme\fR://\fIhostname\fR/\fIidentity\fR -.br -.B icevault\fR [\fIOPTIONS\fR] \fBedit\fR \fIscheme\fR://\fIhostname\fR/\fIidentity\fR -.br -.B icevault\fR [\fIOPTIONS\fR] \fBls\fR [\fIscheme\fR://[\fIhostname\fR/[\fIidentity\fR]]] +.B icevault\fR [\fICOMMAND\fR] [\fIOPTION\fR ...] [\fIARG\fR ...] .SH DESCRIPTION @@ -46,8 +36,10 @@ using \fIpwgen\fR(1). .SH COMMANDS +If \fICOMMAND\fR is omitted, \fBfill\fR is assumed. + .TP -.B fill\fR \fIscheme\fR://\fIhostname\fR/\fIidentity\fR +.B fill\fR [\fB-f\fR, \fB--force\fR] [\fB-p\fR, \fB--show-passwords\fR] [\fB-s\fR, \fB--socket=\fR\fIPATH\fR] \fIscheme\fR://\fIhostname\fR/\fIidentity\fR If the scheme (resp. hostname) of the active tab of the active window is not \fIscheme\fR (resp. \fIhostname\fR) the program assumes a phishing attempt and aborts. Otherwise, the \fIidentity\fR file is decrypted and @@ -60,11 +52,34 @@ If \fIidentity\fR has a single password whereas the webpage has 2 (resp. 3), a signup (resp. password changing) page is assumed, and a new password is randomly generated using \fIpwgen\fR(1) if the fields are left blank. +Use \fB--socket=\fR\fIPATH\fR to specify the path to the IceVault +socket. If \fB-f\fR is set, existing values on the browser are ignored. +Passwords are redacted unless the flag \fB-p\fR is set. + +.TP +.B clip\fR \fIscheme\fR://\fIhostname\fR/\fIidentity\fR +Decrypt the \fIidentity\fR file and copy its first password to the +clipboard using \fIxclip\fR(1), with a maximum number of pastes of 1. + +.TP +.B dump\fR [\fB-p\fR, \fB--show-passwords\fR] \fIscheme\fR://\fIhostname\fR/\fIidentity\fR +Decrypt the \fIidentity\fR file and dump its content on the standard +output. Note that while the output is a valid YAML document, original +formatting may not be preserved; in particular, comments and empty lines +are stripped. Passwords are redacted unless the flag \fB-p\fR is set. .TP -.B insert\fR [\fIidentity\fR] +.B edit\fR \fIscheme\fR://\fIhostname\fR/\fIidentity\fR +Decrypt the \fIidentity\fR file to a temporary file and open it using +the editor specified by the EDITOR environment variable (or \fIeditor\fR +if EDITOR is unset). Upon exit, the file is reencrypted if the SHA-256 +digest of its content differs. Note that formatting and comments may +not be preserved by subsequent updates of the \fIidentity\fR file. + +.TP +.B insert\fR [\fB-f\fR, \fB--force\fR] [\fB-s\fR, \fB--socket=\fR\fIPATH\fR] [\fIidentity\fR] Create a new \fIscheme\fR://\fIhostname\fR/\fIidentity\fR URI available -for further \fBfill\fR and other commands. +for further commands. Store the first visible form on the active tab of the active window which contains a password (or the first visible form with a non-empty field if no visible form has a password). If \fIidentity\fR is omitted, it @@ -74,33 +89,17 @@ password). If the webpage has 2 (resp. 3), a signup (resp. password changing) page is assumed, and a new password is randomly generated using \fIpwgen\fR(1) if the fields are left blank. +Use \fB--socket=\fR\fIPATH\fR to specify the path to the IceVault +socket. If the flag \fB-f\fR is set, override the \fIidentity\fR file +if it already exists (the default is to abort). .TP -.B dump\fR \fIscheme\fR://\fIhostname\fR/\fIidentity\fR -Decrypt the \fIidentity\fR file and dump its content on the standard -output. Note that while the output is a valid YAML document, original -formatting may not be preserved; in particular, comments and empty lines -are stripped. +.B ls\fR [\fB-0\fR, \fB--zero\fR] [\fIscheme\fR://[\fIhostname\fR/[\fIidentity\fR]]] +List content of the given identity prefix. If the flag \fB-0\fR is set, +use NUL as line separator. -.TP -.B clip\fR \fIscheme\fR://\fIhostname\fR/\fIidentity\fR -Decrypt the \fIidentity\fR file and copy the first password to the -clipboard using \fIxclip\fR(1), with a maximum number of pastes of 1. -.TP -.B edit\fR \fIscheme\fR://\fIhostname\fR/\fIidentity\fR -Decrypt the \fIidentity\fR file to a temporary file and opens it using -the editor specified by the EDITOR environment variable. When the -editor exits, the file is reencrypted if the SHA-256 digest of its -content differs. Note that formatting and comments may not be preserved -by subsequent updates of the \fIidentity\fR file. - -.TP -.B ls\fR [\fIscheme\fR://[\fIhostname\fR/[\fIidentity\fR]]] -List content of the given identity prefix. - - -.SH OPTIONS +.SH GLOBAL OPTIONS .TP .B \-\-debug Turn on debug mode. @@ -110,29 +109,9 @@ Turn on debug mode. Output a brief help and exit. .TP -.B \-p\fR, \fB\-\-show\-passwords\fR -By default passwords are redacted when printing forms to the standard -output. This flags turns off this behavior. - -.TP -.B \-s\fR \fIsockpath\fR, \fB\-\-socket=\fR\fIsockpath\fR -Specify the path of the UNIX socket used to communicate with the -browser. Can be an absolute path or a path relative to the default -Firefox profile (or first profile found if there is no default profile) -in the "~/.mozilla/firefox" directory. -The socket path and permissions can be configured on the -Iceweasel/Firefox side with the "extensions.icevault.socketPath" and -"extensions.icevault.socketPerms" preferences in "about:config", -respectively. - -.TP .B \-\-version Show the version number and exit. -.TP -.B \-0\fR, \fB\-\-zero -With the \fBls\fR command, use NUL instead of newline as line delimiter. - .SH CONFIGURATION FILE |