Usage

Source code

See also

Basics

This page is just a sampler. The Keybase app has built-in help:

keybase help        # general
keybase help track  # help with tracking
keybase help pgp    # help using PGP keys in Keybase
keybase help prove  # help with proofs
                    # etc.

Common commands

keybase version              # print the version number
keybase help                 # get help
keybase signup               # if you've never used Keybase
keybase login                # or...if you already have an account
keybase prove twitter        # prove you own a twitter account
keybase prove github         # prove a github account
keybase prove reddit         # prove a reddit account
keybase prove coinbase       # prove a coinbase account
keybase prove hackernews     # prove an HN account
keybase prove https you.com  # prove a website
keybase prove http you.com   # if you don't have a legit cert
keybase prove dns you.com    # prove via a DNS entry
                             # ...more proof types soon...

Looking up other people & tracking

keybase search max                 # find users like "max"
keybase id max                     # look "max" up, verify identity
keybase id maxtaco@twitter         # look twitter maxtaco up
keybase track max                  # same as id, but track publicly
keybase track maxtaco@reddit       # track a reddit user

Why track?

If you track someone, subsequent commands will work without requiring more input from you:

keybase pgp encrypt maria -m 'this is a secret'
# Success! No questions asked

And if anything about your target has changed since you last tracked them, you'll get an error.

keybase pgp encrypt maria -m 'The password is HOTDOG'
# ERROR! (She removed her Twitter account or proof tweet!)
# ERROR! (Her Reddit account disappeared!)
# etc.

Device adding + removing

Every computer you install Keybase on gets a device-specific key. This is a very big improvement over the old PGP model, where you had to move a private key around.

keybase device list        # list all your device + paper keys
keybase device remove [ID] # revoke device ID (found in device list)
keybase device add         # provision a new device

Paper keys

When you install Keybase for the first time, you'll be asked to generate a paper key. It's a full-powered key, just like a device key.

You can have as many paper keys as you like. You should have at least 1, until Keybase releases a mobile app.

keybase paperkey   # make a new paper key

If you lose a paper key, just remove it like any other device.

Coming soon: crypto operations on device keys

Soon, you'll be able to do this with Keybase:

# encrypt it for ALL of maria's different device keys
keybase encrypt maria -m 'this is a secret'

In the meantime, you can perform crypto with Keybase user maria's PGP key.

# note the PGP subcommand
keybase pgp encrypt maria -m 'this is a secret'

Encrypting a PGP message

keybase pgp encrypt chris -m 'secret'            # encrypt
keybase pgp encrypt maxtaco@twitter -m 'secret'  # using a twitter name
keybase pgp encrypt maxtaco@reddit -m 'secret'   # using a Reddit name
keybase pgp encrypt chris -s -m 'secret'         # also sign with -s
keybase pgp encrypt chris -i foo.txt             # foo.txt -> foo.txt.asc
keybase pgp encrypt chris -i foo.txt -o bar.asc  # foo.txt -> bar.asc
echo 'secret' | keybase pgp encrypt chris        # stream

Decrypting a PGP message

keybase pgp decrypt -i foo.txt.asc             # foo.txt.asc -> stdout
keybase pgp decrypt -i foo.txt.asc -o foo.txt  # foo.txt.asc -> foo.txt
cat foo.txt.asc | keybase pgp decrypt          # decrypt a stream

Signing a PGP message

keybase pgp sign -m 'Hello'                # sign a message
keybase pgp sign --clearsign -m 'Hello'    # sign, but don't encode contents
keybase pgp sign -i foo.txt --detached     # generate foo.txt.asc, just a signature
keybase pgp sign -i foo.txt                # generate foo.txt.asc, containing signed foo.txt
echo 'I rock.' | keybase pgp sign          # stream

Verifying a PGP message

keybase pgp verify -i foo.txt.asc            # verify a self-signed file
keybase pgp verify -d foo.txt.asc -i foo.txt # verify a file + detatched signature
cat foo.txt.asc | keybase pgp verify         # stream a self-signed file

Publishing a bitcoin address

keybase btc 1p90X3byTONYhortonETC  # sign and set the bitcoin
                                   # address on your profile

Assertions (useful for scripting, cron jobs, etc.)

# Here we encrypt a copy of a backup for
# maria, asserting that she's proven her key on both
# twitter and github. Both must pass.
#
# This is unnecessary if we've tracked maria, as the command
# will fail if anything about her identity breaks.
cat some_backup.sql | keybase pgp encrypt -o enc_backup.asc \
  maria_2354@twitter+maria_booyeah@github+maria@keybase'

More examples soon

Use keybase help to learn what's available.