Basic workflow:
# online$ CAFFDIR=$PWD caff --download ${keyids}
echo "NEXT STEP: on your secure offline system, run XXX"
# offline$ CAFFDIR=$PWD GNUPGHOME=${secret_dir} caff --sign
echo "NEXT STEP: on your online system, run XXX"
# online$ CAFFDIR=$PWD caff --mail
echo "KEYSIGNING COMPLETE. completed keyids listed in $CAFFHOME/keys/$DATE"
- CAFFDIR is some dir on your usb stick, containing .caff and .caffrc, RW by online+offline.
- GNUPGHOME is some (hopefully encrypted) dir on your usb disk, R by offline.
For more details see README.
NOTE: the above steps do not save stuff to $HOME, only $CAFFDIR. If you want an extra backup, you can e.g. run:
# online$ cp -aL --no-preserve=ownership -t "$PWD" "$HOME/.caff" "$HOME/.caffrc" ## steps as above # online$ cp -aL --no-preserve=ownership -t "$HOME" "$PWD/.caff" "$PWD/.caffrc"
or some other thing depending on your needs.