mirror of
https://github.com/ryantm/agenix.git
synced 2024-11-22 09:40:47 +03:00
14 lines
407 B
Markdown
14 lines
407 B
Markdown
|
# Rekeying {#rekeying}
|
||
|
|
||
|
If you change the public keys in `secrets.nix`, you should rekey your
|
||
|
secrets:
|
||
|
|
||
|
```ShellSession
|
||
|
$ agenix --rekey
|
||
|
```
|
||
|
|
||
|
To rekey a secret, you have to be able to decrypt it. Because of
|
||
|
randomness in `age`'s encryption algorithms, the files always change
|
||
|
when rekeyed, even if the identities do not. (This eventually could be
|
||
|
improved upon by reading the identities from the age file.)
|