NAME
tarsnap-keymgmt -- generate subsets of tarsnap(1) key files
SYNOPSIS
tarsnap-keymgmt --outkeyfile new-key-file [-r] [-w] [-d] [--nuke]
[--passphrased] [--passphrase-mem maxmem] key-file ...
DESCRIPTION
tarsnap-keymgmt reads the provided key files and writes a new key file
containing only the keys required for the operations specified via the -r
(list and extract archives), -w (write archives), -d (delete archives),
and --nuke flags. Note that -d implies -r since it is impossible to
delete an individual archive without being able to read it; while a key
file generated with --nuke can be used to delete all the archives stored,
but not individual archives.
If the --passphrased option is specified, the user will be prompted to
enter a passphrase (twice) to be used to encrypt the key file.
If the --passphrase-mem maxmem option is specified, a maximum of maxmem
bytes of RAM will be used in the scrypt key derivation function to
encrypt the key file; it may be necessary to set this option if a key
file is being created on a system with far more RAM than the system on
which the key file will be used.