Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
REOP(1)			FreeBSD	General	Commands Manual		       REOP(1)

     reop -- reasonable	expectation of privacy

     reop -D -x	encfile
     reop -E [-1b] [-i ident] -m message -p pubkey -s seckey
     reop -S [-e] [-x sigfile] -s seckey -m message
     reop -V [-eq] [-x sigfile]	-p pubkey -m message

     The reop utility creates and verifies cryptographic signatures and	en-
     crypts and	decrypts files.	 The mode of operation is selected with	the
     following options:

     -D		 Decryption, both public key and symmetric.

     -E		 Encryption, both public key and symmetric.  When run without
		 a public key, will ask	for a password and perform symmetric

		 When run with a public	key, will encrypt the message so that
		 it can	be decrypted by	the matching secret key.  Public key
		 encryption also uses encryptor's secret key to	authenticate
		 the message.  Once encrypted, the message can only be de-
		 crypted by recipient's	secret key.  Although authenticated,
		 messages are deniable (forgeable by recipient).

     -G		 Generate a new	key pair.

     -S		 Sign the specified message file and create a signature.

     -V		 Verify	the message and	signature match.

     The other options are as follows:

     -1		   Encrypt messages using older	v1 format.

     -b		   Use a binary	format for encrypted files.  This can result
		   in a	considerable space savings over	the default base64 en-
		   coded format.  Decryption automatically detects the correct

     -e		   When	signing, create	a signed message instead of just a

     -i	ident	   Specify the ident to	be created during key generation or
		   looked up when using	public cryptography.

     -m	message	   When	signing, the file containing the message to sign.
		   When	verifying, the file containing the message to verify.
		   When	encrypting or decrypting, the plaintext.

     -n		   Do not ask for a passphrase during key generation.  Other-
		   wise, reop will prompt the user for a passphrase to protect
		   the secret key.

     -p	pubkey	   Public key produced by -G, and used by other	commands.

     -q		   Quiet mode.	Suppress informational output.

     -s	seckey	   Secret (private) key	produced by -G,	and used by other com-

     -x	xfile	   The signature file to create	or verify.  The	default	is
		   message.sig.	 When encrypting, the encrypted	file.  The de-
		   fault is message.enc.

     The key and data files created by reop have similar format.  A plain text
     line of the form ident: is	used to	match key pairs.  Most of the actual
     key data follows and is base64 encoded.

     The ~/.reop directory is searched for default keys	named:
     seckey	 User's	secret key
     pubkey	 User's	public key
     pubkeyring	 User's	set trusted of trusted third party keys, searched by

     The reop utility exits 0 on success, and >0 if an error occurs.  It may
     fail because of one of the	following reasons:

     +o	 Some necessary	files do not exist.
     +o	 Entered passphrase is incorrect.
     +o	 The message file was corrupted	and its	signature does not match.
     +o	 The message file is too large.

     Create a new key pair.
	   $ reop -G -p -s newkey.sec

     Create a new key pair, assuming the ~/.reop directory exists:
	   $ reop -G

     Sign a file, specifying a signature name:
	   $ reop -S -s	key.sec	-m message.txt -x msg.sig

     Verify a signed message, using the	default	identity:
	   $ reop -V -x	generalsorders.sig

FreeBSD	13.0			March 16, 2014			  FreeBSD 13.0


Want to link to this manual page? Use this URL:

home | help