I have reworked the CLI to be more explicit and intuitive. Recipient and
identities as arguments were clever, which is not a compliment.
Now encryption takes -r/--recipient flags, decryption is selected with
-d/--decrypt and takes -i/--identity flags, the output file is -o or
stdout, the input file is an optional argument or stdin. Key generation
moved to age-keygen, which can grow its own flags for stuff like YubiKey
PIV management.
With this, I'd like to issue a last call for the v1 beta, which would
trigger a backwards compatibility promise for the CLI and file formats.
Speak now, or hold your peace until v2, scheduled to come at the same
time as Go 2.
$ age-keygen > key.txt
$ cat key.txt
# created: 2019-10-06T22:44:14-04:00
# pubkey:9qK5CQd0aPFOMlBIpVPP8mOggiFxqkXKkcSJrqoxIyI
AGE_SECRET_KEY_l6sUOU2sZgLkyIkDHT_Q7wNqUjeeyUe4pJCsyt_-qII
$ echo "_o/" | age -r pubkey:9qK5CQd0aPFOMlBIpVPP8mOggiFxqkXKkcSJrqoxIyI -armor -o hello.age
$ cat hello.age
This is an armored file encrypted with
age-tool.com, version 1
-> X25519 jxogGETLAZtc70T35gEa7-TyTsqRKjoh4w-URI2tHC4
FflFC6gUrydahfQj9KmVI8eznYR7XNm5Ra_19CvbvyY
--- i7xr4pMS8q4zCzK9-qO4vk6ENoCw-kwcSMYwnJCD6NY
DcZbEGeYV1TPxLANHVLLo53ep7JfMsYmDeX2aYiDUIUFzTHr
--- end of file ---
$ age -decrypt -i key.txt hello.age
_o/
$ tar cv ~/xxx | age -r github:Benjojo -r github:FiloSottile | nc 192.0.2.0 1234