diff --git a/doc/age.1.ronn b/doc/age.1.ronn index 5add740..ac4932a 100644 --- a/doc/age.1.ronn +++ b/doc/age.1.ronn @@ -47,7 +47,7 @@ overhead per recipient, plus 16 bytes every 64KiB of plaintext. Encrypt to the explicitly specified . See the [RECIPIENTS AND IDENTITIES][] section for possible recipient formats. - This option can be repeated and combined with `-R`/`--recipients-file`, + This option can be repeated and combined with other recipient flags, and the file can be decrypted by all provided recipients independently. * `-R`, `--recipients-file`=: @@ -58,15 +58,14 @@ overhead per recipient, plus 16 bytes every 64KiB of plaintext. If is `-`, the recipients are read from standard input. In this case, the argument must be specified. - This option can be repeated and combined with `-r`/`--recipient`, + This option can be repeated and combined with other recipient flags, and the file can be decrypted by all provided recipients independently. * `-p`, `--passphrase`: Encrypt with a passphrase, requested interactively from the terminal. `age` will offer to auto-generate a secure passphrase. - This option can't be used with `-r`/`--recipient` or - `-R`/`--recipients-file`. + This option can't be used with other recipient flags. * `-a`, `--armor`: Encrypt to an ASCII-only "armored" encoding. @@ -77,6 +76,27 @@ overhead per recipient, plus 16 bytes every 64KiB of plaintext. Decryption transparently detects and decodes ASCII armoring. +* `-i`, `--identity`=: + Encrypt to the [RECIPIENTS][RECIPIENTS AND IDENTITIES] corresponding to the + [IDENTITIES][RECIPIENTS AND IDENTITIES] listed in the file at . This + is equivalent to converting the file at to a recipients file with + `age-keygen -y` and then passing that to `-R`/`--recipients-file`. + + For the format of , see the definition of `-i`/`--identity` in the + [Decryption options][] section. + + `-e`/`--encrypt` must be explicitly specified when using `-i`/`--identity` + in encryption mode to avoid confusion. + +* `-j` : + Encrypt using the data-less [plugin][Plugins] . + + This is equivalent to using `-i`/`--identity` with a file that contains a + single plugin `IDENTITY` that encodes no plugin-specific data. + + `-e`/`--encrypt` must be explicitly specified when using `-j` in encryption + mode to avoid confusion. + ### Decryption options * `-d`, `--decrypt`: @@ -116,20 +136,12 @@ overhead per recipient, plus 16 bytes every 64KiB of plaintext. Unused identities are ignored, but it is an error if the file is passphrase-encrypted and `-i`/`--identity` is specified. - If `-e`/`--encrypt` is explicitly specified (to avoid confusion), - `-i`/`--identity` may also be used to encrypt to the `RECIPIENTS` - corresponding to the `IDENTITIES` listed at . This allows using an - identity file as a symmetric key, if desired. - * `-j` : Decrypt using the data-less [plugin][Plugins] . This is equivalent to using `-i`/`--identity` with a file that contains a single plugin `IDENTITY` that encodes no plugin-specific data. - If `-e`/`--encrypt` is explicitly specified (to avoid confusion), `-j` may - also be used to encrypt with a data-less plugin. - ## RECIPIENTS AND IDENTITIES `RECIPIENTS` are public values, like a public key, that a file can be encrypted