### Build Paperkey from Source (GitHub / gnulib) Source: https://context7.com/dmshaw/paperkey/llms.txt Instructions for cloning gnulib and paperkey repositories, bootstrapping gnulib modules, configuring, building, and testing the paperkey software. ```bash # Clone gnulib (provides SHA-1 and getopt_long) git clone https://github.com/coreutils/gnulib.git # Clone paperkey git clone https://github.com/dmshaw/paperkey.git cd paperkey # Bootstrap gnulib modules ../gnulib/gnulib-tool --update # Configure and build autoreconf -f -i ./configure make # Run the self-test suite (roundtrip tests for RSA, DSA, Elgamal, ECC, EdDSA) make check # Install system-wide sudo make install ``` -------------------------------- ### Build Paperkey from GitHub Source Source: https://github.com/dmshaw/paperkey/blob/main/README.md Instructions for building Paperkey directly from the GitHub repository, which requires gnulib. This process involves cloning repositories, updating gnulib, and running the standard build steps. ```bash git clone git://git.savannah.gnu.org/gnulib.git # there is also a github mirror at https://github.com/coreutils/gnulib.git git clone https://github.com/dmshaw/paperkey.git cd paperkey ../gnulib/gnulib-tool --update autoreconf -f -i ./configure make check ``` -------------------------------- ### Build an RPM Package for Paperkey Source: https://context7.com/dmshaw/paperkey/llms.txt Instructions for building an RPM package from a release tarball. The spec file is included in the source tree and processed by autoconf during configuration. ```bash # Download a release tarball from GitHub releases, then: rpmbuild -ta /path/to/paperkey-1.6.tar.gz # The spec file is included in the source tree (paperkey.spec.in) # and is processed by autoconf during ./configure ``` -------------------------------- ### Build RPM Package Source: https://github.com/dmshaw/paperkey/blob/main/README.md Use this command to build an RPM package from the Paperkey tarball. Ensure the path to the tarball is correct. ```bash rpmbuild -ta /path/to/the/paperkey/tarball.tar.gz ``` -------------------------------- ### Output Raw Binary for QR/Barcode Source: https://context7.com/dmshaw/paperkey/llms.txt Generates a compact raw binary output suitable for QR code or 2D barcode generators, appending a 3-byte CRC-24 for integrity. Also shows how to restore from this raw binary format. ```bash # Generate raw binary output paperkey --secret-key my-secret-key.gpg \ --output-type raw \ --output my-secret-key.raw # Pipe directly to a QR code generator (e.g., qrencode) paperkey --secret-key my-secret-key.gpg --output-type raw | \ qrencode -8 -o key-qr.png # Restore from raw binary paperkey --pubring my-public-key.gpg \ --secrets my-secret-key.raw \ --input-type raw \ --output restored.gpg ``` -------------------------------- ### Display Paperkey File Format Specification Source: https://context7.com/dmshaw/paperkey/llms.txt The --file-format option prints a detailed description of the binary format used in secrets files. This enables manual reconstruction of a secret key in a last-resort recovery scenario. ```bash paperkey --file-format ``` -------------------------------- ### Restore Secret Key from Paper Backup Source: https://context7.com/dmshaw/paperkey/llms.txt Reconstructs a secret key by combining a paper backup (text file) with the corresponding public key. Ensure the public key is fetched and available before running the restore command. The restored key is saved to a binary file for import into GnuPG. ```bash # Fetch the public key from a keyserver gpg --keyserver keys.openpgp.org --recv-keys 0xYOURKEYID gpg --export --no-armor 0xYOURKEYID > my-public-key.gpg # Re-type (or OCR) the paper backup into a text file, then restore: paperkey --pubring my-public-key.gpg \ --secrets my-key-text-file.txt \ --output my-restored-secret-key.gpg # Import the restored key back into GnuPG gpg --import my-restored-secret-key.gpg # Verify the restored key matches original (compare fingerprints) gpg --fingerprint my@email.com ``` -------------------------------- ### Reconstruct Secret Key from Paper Backup Source: https://github.com/dmshaw/paperkey/blob/main/README.md This command reconstructs the full secret key file from a text file containing the secret data and the corresponding public key ring. Ensure the secret data file and public ring are correctly specified. ```bash paperkey --pubring my-public-key.gpg --secrets my-key-text-file.txt --output my-secret-key.gpg ``` -------------------------------- ### Specify Output Type for Paperkey Source: https://github.com/dmshaw/paperkey/blob/main/README.md The --output-type option allows specifying the format of the output. 'base16' provides a human-readable format, while 'raw' is suitable for passing to other programs like barcode or QR code generators. ```bash paperkey --output-type raw ``` -------------------------------- ### Generate Paper Backup of Secret Key Source: https://github.com/dmshaw/paperkey/blob/main/README.md Use this command to extract the secret data from a GPG secret key file and save it to a text file for printing. The output file contains only the essential secret bytes, significantly reducing the size of the original key. ```bash paperkey --secret-key my-secret-key.gpg --output to-be-printed.txt ``` -------------------------------- ### Extract Secret Key to File Source: https://context7.com/dmshaw/paperkey/llms.txt Exports a secret key from GnuPG and saves the paperkey-formatted output to a file for printing. Ensure the secret key is exported in binary format before processing. ```bash # Export secret key from GnuPG keyring first (dearmor to binary) gpg --export-secret-key --no-armor 0xYOURKEYID > my-secret-key.gpg # Extract and save to a file for printing paperkey --secret-key my-secret-key.gpg --output to-be-printed.txt # Example output in to-be-printed.txt: # Secret portions of key 4A6D421F9ABF3E12... # Base16 data extracted Thu Oct 19 12:34:56 2023 # Created with paperkey 1.6 by David Shaw # ... # # 1: 00 04 4A 6D 42 1F 9A BF 3E 12 ... A3F2B1 # 2: C1 08 D3 E7 FA 12 8B 44 96 55 ... 7CE901 # ... # 42: B2FADC ``` -------------------------------- ### Control Output Width for Paper Formats Source: https://context7.com/dmshaw/paperkey/llms.txt Adjusts the number of hex bytes per line in base16 output to fit different paper formats. The default width is 78 characters. ```bash # Narrow output (e.g., for 66-column thermal printer paper) paperkey --secret-key my-secret-key.gpg \ --output-width 60 \ --output narrow-printout.txt # Wide output for landscape A4 (more data per line = fewer pages) paperkey --secret-key my-secret-key.gpg \ --output-width 100 \ --output wide-printout.txt ``` -------------------------------- ### Add Human-Readable Comment to Paper Backup Source: https://context7.com/dmshaw/paperkey/llms.txt Use the --comment option to embed arbitrary strings in the backup header. This is useful for annotating backups with details like owner name, creation date, or storage location. ```bash paperkey --secret-key my-secret-key.gpg \ --comment "Alice Smith - master key - created 2024-01-15 - stored in safe" \ --output annotated-backup.txt ``` -------------------------------- ### Pipe Secret Key Data to Paperkey via Stdin Source: https://github.com/dmshaw/paperkey/blob/main/README.md When the --output option is omitted, paperkey writes to stdout. This allows piping the output directly to other commands, such as 'lpr' for immediate printing, or to other programs for further processing like barcode generation. ```bash gpg --export-secret-key my-key | paperkey | lpr ``` -------------------------------- ### Restore Paperkey Despite CRC Errors Source: https://context7.com/dmshaw/paperkey/llms.txt Use --ignore-crc-error to instruct paperkey to continue processing even when per-line or overall CRC-24 checksums fail. This is a last-resort recovery option for damaged backups. ```bash # Attempt recovery from a partially corrupted transcription paperkey --pubring my-public-key.gpg \ --secrets damaged-transcription.txt \ --ignore-crc-error \ --output recovered-key.gpg ``` ```bash # After import, verify the key is usable gpg --import recovered-key.gpg echo "test" | gpg --sign --local-user my@email.com > /dev/null && echo "Key OK" ``` -------------------------------- ### Extract Secret Key via Stdin Pipe Source: https://context7.com/dmshaw/paperkey/llms.txt Processes secret key data piped directly from GnuPG to stdout, enabling direct pipeline usage without intermediate files. Use the `-v` flag for verbose output to stderr, which includes key fingerprints. ```bash # Export directly from GnuPG and send to the printer in one command gpg --export-secret-key --no-armor my@email.com | paperkey | lpr # Or save to a file via redirect gpg --export-secret-key --no-armor my@email.com | paperkey > paper-backup.txt # View on screen with verbosity to confirm fingerprints gpg --export-secret-key --no-armor my@email.com | paperkey -v # stderr: Primary key fingerprint: 4A6D421F9ABF3E12... # stderr: Subkey fingerprint: 8C2E19FA03B7... ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.