Keybase is a website, but it’s also an open source command line program. Let’s walk through a terminal example, which illustrates what Keybase does. All of this can be embedded into other software, written by anyone.
We can get more information about top security researchers in the world with keybase.
# installation walkthrough
npm install -g keybase-installer
keybase-installer # this gets the latest version
keybase version # this should then work!
keybase help # this should be helpful!
keybase signup # reserve that username
lab:~/ $ keybase help
usage: keybase [-h] [-v] [-p PASSPHRASE] [-c CONFIG] [-i] [-d] [-q] [-C]
[--port PORT] [--no-tls] [--host HOST]
[--api-uri-prefix API_URI_PREFIX] [-B] [--preserve-tmp-keyring]
[--homedir HOMEDIR] [-g GPG] [-x PROXY]
[--proxy-ca-certs PROXY_CA_CERTS] [-O] [-M MERKLE_CHECKS]
[--tor-proxy TOR_PROXY]
[--tor-hidden-address TOR_HIDDEN_ADDRESS] [--tor-leaky] [-S]
[-T]
{btc,bitcoin,cert,dir,code-sign,config,decrypt,dec,encrypt,enc,help,id,identify,join,signup,keygen,gen,generate,list-signatures,list-sigs,list-tracking,login,logout,pull,push,prove,proof,reset,nuke,revoke,revoke-signatures,revoke-sig,search,sign,sig,status,switch,track,untrack,unverify,update,verify,version,vers}
...
keybase.io command line client
Optional arguments:
-h, --help Show this help message and exit.
-v, --version Show program's version number and exit.
-p PASSPHRASE, --passphrase PASSPHRASE
passphrase used to log into keybase
-c CONFIG, --config CONFIG
a configuration file (~/.keybase/config.json)
-i, --interactive interactive mode
-d, --debug debug mode
-q, --quiet quiet mode; only show errors, suppress info and
warnings
-C, --no-color disable logging colors
--port PORT which port to connect to
--no-tls turn off HTTPS/TLS (on by default)
--host HOST which host to connect to
--api-uri-prefix API_URI_PREFIX
the API prefix to use (/_/api/1.0)
-B, --batch batch mode; disable all prompts
--preserve-tmp-keyring
preserve the temporary keyring; don't clean it up
--homedir HOMEDIR specify a non-standard home directory; look for GPG
keychain there
-g GPG, --gpg GPG specify an alternate gpg command
-x PROXY, --proxy PROXY
specify a proxy server to all HTTPS requests
--proxy-ca-certs PROXY_CA_CERTS
specify 1 or more CA certs (in a file)
-O, --no-gpg-options disable the GPG options file for temporary keyring
operations
-M MERKLE_CHECKS, --merkle-checks MERKLE_CHECKS
check that users' chains are reflected in sitewide
state, one of {none,soft,strict}; soft by default
--tor-proxy TOR_PROXY
specify a Tor SOCKS proxy
--tor-hidden-address TOR_HIDDEN_ADDRESS
specify the Tor hidden address for keybase.io
--tor-leaky override Tor strict mode
-S, --tor-strict Don't show any user-identifiable information to
server; might break some features
-T, --tor enable Tor proxying with default settings; requires
Tor Socks5 proxy on port 9050
subcommands:
{btc,bitcoin,cert,dir,code-sign,config,decrypt,dec,encrypt,enc,help,id,identify,join,signup,keygen,gen,generate,list-signatures,list-sigs,list-tracking,login,logout,pull,push,prove,proof,reset,nuke,revoke,revoke-signatures,revoke-sig,search,sign,sig,status,switch,track,untrack,unverify,update,verify,version,vers}
btc add a signed cryptocurrency address to your profile
cert print out the CA cert the client uses to authorize
HTTPS connections
dir sign or verify a directory's contents
config make an initial configuration file
decrypt decrypt a file
encrypt encrypt a message and output to stdout or a file
help display help
id Identify a user, but don't accept or reject trust
join establish a new account on keybase.io
keygen generate a new PGP public key and optionally push it
to the server
list-signatures list of your non-revoked signatures
list-tracking list people you are tracking
login establish a session
logout logout from the server
pull pull your public (& private, if possible) key(s) from
the server
push push a PGP key from the client to the server
prove add a proof of identity
reset reset the local setup, deleting all local cached state
revoke revoke the currently active PGP keys
revoke-signatures revoke a proof or signature
search search all users
sign sign a message
status print current status
switch switch to a different user, and nuke the current state
track verify a user's authenticity and optionally track them
untrack untrack this user
update update the keybase client software
verify verify a file
version output version information about this client
lab:~/ $ keybase id hdm
✔ public key fingerprint: 98EF 5533 E7EA FD56 9669 59B5 7549 FB3D B1DD 1F32
✖ "hdmoore" on twitter: https://twitter.com/hdmoore/status/572885946594566145 (failed with code 160: ETIMEDOUT)
✔ "hmoore-r7" on github: https://gist.github.com/f16a34183692b7682774
✔ "hdmdh" on reddit: https://www.reddit.com/r/KeybaseProofs/comments/2xu771/my_keybase_proof_reddithdmdh_keybasehdm/
✔ admin of hdm.io via HTTPS: https://hdm.io/keybase.txt
lab:~/ $ keybase search -j exploit
[
{
"username": "exploit",
"score": 1.1
},
{
"username": "hexploitable",
"key": "ed7690d3cb6fed5918477b6d7991842bdcda1f69",
"github": "hexploitable",
"twitter": "hexploitable",
"websites": [
"dns//hexplo.it"
],
"score": 0.011923076923076925
},
{
"username": "soleblaze",
"key": "621904bcad0aa109bc11b65d748251e4e26f7953",
"github": "soleblaze",
"twitter": "soleblaze",
"reddit": "soleblaze",
"websites": [
"dns//exploits.sexy",
"dns//skyshadows.net"
],
"score": 0.011111111111111112
},
{
"username": "spaze",
"key": "4bd4c403af2f9fccb151fe61b64bdd6e464ab529",
"github": "spaze",
"twitter": "spazef0rze",
"websites": [
"http://exploited.cz",
"http://www.dearcomfortzone.com",
"https://www.michalspacek.cz"
],
"score": 0.010000000000000002
},
{
"username": "adamcompton",
"key": "7a71df0bf4905f4fef95aeb3d32b2743762d5196",
"github": "tatanus",
"twitter": "tatanus",
"websites": [
"http://www.exploitsearch.net"
],
"score": 0.0011111111111111111
}
]