@perifer

perifer/gist:5488903

Last active Dec 16, 2015

go keys

Security features

Each client holds a secret. The secret is used as the passphrase for the keys (or only one key?) on the master.

The secret is also used to create an HMAC that verifies that the data stored in db.json has not been tampered with. This is done by computing an HMAC over the data in db.json, keyed with the secret. The HMAC is saved in db.json alongside the data. On the next request from a client to the server, the HMAC is recomputed and compared against the stored HMAC to verify that the data has not changed.
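The db.json integrity check described above, as an added example that is not part of the original notes. It assumes HMAC-SHA256, the field names `data` and `hmac`, and a sorted-key serialization, none of which the notes specify; the sample data and secret are constructed.

```javascript
// Added example: HMAC seal for db.json. Algorithm and field names are assumptions.
const crypto = require('crypto');

// Deterministic serialization: object keys are sorted so the same data always
// yields the same bytes, regardless of key insertion order.
function canonicalize(value) {
  if (Array.isArray(value)) return '[' + value.map(canonicalize).join(',') + ']';
  if (value !== null && typeof value === 'object') {
    return '{' + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ':' + canonicalize(value[k])).join(',') + '}';
  }
  return JSON.stringify(value);
}

function computeHmac(data, secret) {
  return crypto.createHmac('sha256', secret).update(canonicalize(data)).digest('hex');
}

// Returns the text to write to db.json: the data plus its HMAC.
function sealDb(data, secret) {
  return JSON.stringify({ data, hmac: computeHmac(data, secret) }, null, 2);
}

// Parses db.json text and returns the data only if the stored HMAC matches.
function openDb(text, secret) {
  const { data, hmac } = JSON.parse(text);
  if (typeof hmac !== 'string' || data === undefined) throw new Error('db.json: missing data or hmac');
  const expected = Buffer.from(computeHmac(data, secret), 'hex');
  const stored = Buffer.from(hmac, 'hex');
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (stored.length !== expected.length || !crypto.timingSafeEqual(stored, expected)) {
    throw new Error('db.json: HMAC mismatch (data changed or wrong secret)');
  }
  return data;
}

// Constructed sample secret and data.
const SAMPLE_SECRET = 'constructed-client-secret';
const SAMPLE_DB = { users: { alice: { servers: ['web1'] } }, servers: { web1: { hostname: 'web1.example.com' } } };

function demo() {
  const sealed = sealDb(SAMPLE_DB, SAMPLE_SECRET);
  const edited = sealed.replace('web1.example.com', 'other.example.com'); // simulate an out-of-band edit
  const check = (text, secret) => { try { openDb(text, secret); return 'ok'; } catch (e) { return 'rejected'; } };
  return [check(sealed, SAMPLE_SECRET), check(edited, SAMPLE_SECRET), check(sealed, 'other-secret')];
}
console.log(demo());
```

Because the key is the client's secret, the server can only run this check while handling a request that carries the secret, which matches the flow in the notes.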

Implementation

The client communicates with the server using JSON. The JSON consists of the actions to take, the arguments to each action, and the secret.

The server is written in Node.js to asynchronously push keys.

The client can be written in anything - Fabric, to be able to use the keyring library to store the secret in the keychain? Also see https://npmjs.org/package/keychain (both use /usr/bin/security)

https://github.com/visionmedia/commander.js seems cool

go keys server

go keys server add NAME --user SERVER_USER --hostname HOSTNAME --url SERVER_URL --tags "TAG1,TAG2,TAG3" --repo REPO_URL --description "A DESCRIPTION" (other options)

--tags: comma or space separated

go keys server edit (same options as add)

go keys server remove NAME

go keys server rename OLDNAME NEWNAME

go keys server show NAME or go keys server NAME

go keys server list or go keys server

go keys server add-user SERVERNAME USERNAME

go keys server remove-user SERVERNAME USERNAME

go keys user

go keys user add USERNAME --full-name "Anders Fajerson" --github-username "perifer" --public-key ~/.ssh/id_rsa.pub

either --github-username or --public-key has to be provided. If only --github-username is provided, https://github.com/perifer.keys will be used.

go keys user edit USERNAME (same options as add)

if github-username or public-key was edited, update the public key on all of the user's servers. See push-keys

go keys user push-keys USERNAME

force update of the public key on all of the user's servers. Used when e.g. the GitHub public key has changed.

go keys user rename OLDNAME NEWNAME

go keys user remove USERNAME

this will remove the user's public key from all of the user's servers

go keys user show USERNAME or go keys user USERNAME

show info and servers for user.

go keys user list or go keys user

list all users