Your company here — click to reach over 10,000 unique daily visitors

sq-network-keyserver - Man Page

Retrieve and publishes certificates via key servers


sq network keyserver fetch [OPTIONS] QUERY
sq network keyserver publish [OPTIONS] FILE


Retrieve and publishes certificates via key servers.

The OpenPGP HTTP Keyserver Protocol (HKP) is a method for publishing and retrieving certificates from key servers.


sq network keyserver fetch

Retrieve certificates from key servers.

By default, any returned certificates are stored in the local certificate store.  This can be overridden by using `--output` option.

When a certificate is retrieved from a verifying key server (currently, this is limited to a list of known servers: `hkps://keys.openpgp.org`, `hkps://keys.mailvelope.com`, and `hkps://mail-api.proton.me`), and imported into the local certificate store, the User IDs are also certificated with a local server-specific key.  That proxy certificate is in turn certified as a minimally trusted CA (trust amount: 1 of 120) by the local trust root.  How much a proxy key server CA is trusted can be tuned using `sq pki link add` or `sq pki link retract` in the usual way.

sq network keyserver publish

Publish certificates on key servers.

Sends certificates to the configured key servers for publication.  By default, the certificates are sent to `hkps://keys.openpgp.org`, `hkps://mail-api.proton.me`, `hkps://keys.mailvelope.com`, `hkps://keyserver.ubuntu.com`, and `hkps://sks.pod01.fleetstreetops.com`.  This can be tweaked using `--servers`.

See Also

sq(1), sq-network(1), sq-network-keyserver-fetch(1), sq-network-keyserver-publish(1).

For the full documentation see <https://book.sequoia-pgp.org>.


0.37.0 (sequoia-openpgp 1.21.1)

Referenced By

sq-network(1), sq-network-keyserver-fetch(1), sq-network-keyserver-publish(1).

0.37.0 Sequoia PGP