Setup & Installation


Source code

OSX + Linux users: time to update! Our faster, better client is released. If you've been using the Node.js version of Keybase, we ask you uninstall it with `npm uninstall -g keybase` and install the new Go version described on these pages.


This page is just a sampler. The Keybase app has built-in help:

keybase help        # general
keybase help track  # help with tracking
keybase help pgp    # help using PGP keys in Keybase
keybase help prove  # help with proofs
                    # etc.

Common commands

keybase version            # print the version number
keybase help               # get help
keybase signup             # if you've never used Keybase
keybase login              # or...if you already have an account
keybase prove twitter      # prove you own a twitter account
keybase prove github       # prove a github account
keybase prove reddit       # prove a reddit account
keybase prove coinbase     # prove a coinbase account
keybase prove hackernews   # prove an HN account
keybase prove web  # prove a website
                           # ...more proof types soon...

Looking up other people & tracking

keybase search chris               # find users like "chris"
keybase id chris                   # look "chris" up, verify identity
keybase track chris                # same as id, but track publicly
keybase track chris --track-local  # track, but not on server

Why track?

If you track someone, subsequent commands will work without requiring more input from you:

keybase pgp encrypt maria -m 'this is a secret'
# Success! No need to human-review her proofs if
#          they are still good

And if anything about your target has changed since you last tracked them, you'll get an error.

keybase pgp encrypt maria -m 'The password is HOTDOG'
# ERROR! (She removed her Twitter account or proof tweet!)
# ERROR! (Her Reddit account disappeared!)
# etc.

Publishing a bitcoin address

keybase btc 1p90X3byTONYhortonETC  # sign and set the bitcoin
                                   # address on your profile

Device adding + removing

Every computer you install Keybase on gets a device-specific key. This is a very big improvement over the old PGP model, where you had to move a private key around.

keybase device list        # list all your device + paper keys
keybase device remove [ID] # revoke device ID (found in device list)
keybase device add         # provision a new device

Paper keys

When you install Keybase for the first time, you'll be asked to generate a paper key. It's a full-powered key, just like a device key.

You can have as many paper keys as you like. You should have at least 1, until Keybase releases a mobile app.

keybase paperkey   # make a new paper key

If you lose a paper key, just remove it like any other device.

Coming soon: crypto operations on device keys

Soon, you'll be able to do this with Keybase:

# encrypt it for ALL of maria's different device keys
keybase encrypt maria -m 'this is a secret'

In the meantime, you can perform crypto with Keybase user maria's PGP key.

# note the PGP subcommand
keybase pgp encrypt maria -m 'this is a secret'

Encrypting a PGP message

keybase pgp encrypt chris -m 'secret'            # encrypt
keybase pgp encrypt chris -s -m 'secret'         # also sign with -s
keybase pgp encrypt chris -i foo.txt             # foo.txt -> foo.txt.asc
keybase pgp encrypt chris -i foo.txt -o bar.asc  # foo.txt -> bar.asc
echo 'secret' | keybase pgp encrypt chris        # stream

Decrypting a PGP message

keybase pgp decrypt -i foo.txt.asc             # foo.txt.asc -> stdout
keybase pgp decrypt -i foo.txt.asc -o foo.txt  # foo.txt.asc -> foo.txt
cat foo.txt.asc | keybase pgp decrypt          # decrypt a stream

Signing a PGP message

keybase pgp sign -m 'Hello'                # sign a message
keybase pgp sign --clearsign -m 'Hello'    # sign, but don't encode contents
keybase pgp sign -i foo.txt --detach-sign  # generate foo.txt.asc, just a signature
keybase pgp sign -i foo.txt                # generate foo.txt.asc, containing signed foo.txt
echo 'I rock.' | keybase pgp sign          # stream

Verifying a PGP message

keybase pgp verify -i foo.txt.asc          # verify a self-signed file
keybase pgp verify -i foo.txt.asc foo.txt  # verify a file + detatched signature
cat foo.txt.asc | keybase pgp verify       # stream a self-signed file

Assertions (useful for scripting, cron jobs, etc.)

# Here we encrypt a copy of a backup for
# maria, asserting that she's proven her key on both
# twitter and github. Both must pass.
# This is unnecessary if we've tracked maria, as the command
# will fail if anything about her identity breaks.
cat some_backup.sql | keybase pgp encrypt -o enc_backup.asc \

More examples soon

Use keybase help to learn what's available.