flcl_manual-flcl_commands-archive-delkey

DELKEY

Synopsis

HELP:   Delete keyset from archive
TYPE:   OBJECT
SYNTAX: DELKEY(NET.{},STORE/SAVE.{},DECRYPT.{},INDEX=num,FKMEID=num/PWD/PGP/LIMIT/FULL,FORCE[=OWN/ACS/ALL],LOGGING.{},MESSAGE(),NORUN)

Description

The DELKEY subcommand can be used to delete encrypted keysets from a FLAM archive. The corresponding rights must be available for this and at least one encrypted keyset with full access must remain.

Deletion can be based on the index or the FKME ID. The index is displayed by the LIST command. If you specify a negative index, all keysets with an index greater than or equal to the specified absolute value are deleted.

If an FKME ID is specified, the specified hexadecimal value is combined with the actual FKME ID using an AND operation and if the result corresponds to the specified FKME ID, then this encrypted keyset is deleted. A selection with predefined values is offered for simplification. With the specification FKMEID=0xnnnnnnnnnn with n between 0-9 and A-F, however, any bit masks can be specified.

Care should be taken when specifying FKME IDs. Deleting keys corresponds to deleting access rights to the archives and possibly also deleting the data if no keyset is left. FLAM therefore does not allow the latter. You can also only delete your own key if you explicitly delete it with FORCE=OWN and you must also confirm the deletion of the last keyset with full access with FORCE=ACS. If your own keyset is the last one with full access and you only want to have keysets with limited access, then you must set FROCE=ALL.

To get syntax information, please use:

   flcl SYNTAX ARCHIVE.DELKEY

To get help for a parameter, please use:

   flcl HELP ARCHIVE.DELKEY.parameter[.parameter[...]]

To read the manual page for a parameter, please use:

   flcl MANPAGE ARCHIVE.DELKEY.parameter[.parameter[...]]
      or
   flcl HELP ARCHIVE.DELKEY.parameter[.parameter[...]] MAN

To generate the user manual for the command, please use:

   flcl GENDOCU ARCHIVE.DELKEY=filename

Parameters can be defined via command line (directly or by parameter file) or via properties taken from the corresponding property file.

Arguments

NUMBER: INDEX=num - Delete keyset with this index (negative number: all except the first abs(index))
NUMBER: FKMEID=num/PWD/PGP/LIMIT/FULL - Delete all keysets with this FKME-ID (given FKMEID & stored FKMEID == given FKMEID)
- PWD - Delete all password based encrypted keysets
- PGP - Delete all OpenPGP related encrypted keysets
- LIMIT - Delete all encrypted keysets with limited rights
- FULL - Delete all encrypted keysets with full access (FORCE=ACS required)
NUMBER: FORCE=OWN/ACS/ALL - Force delete (allows to delete own keyset and last keyset with full data access)
- OWN - Force delete of own encrypted keyset
- ACS - Force delete of last encrypted keyset with full access
- ALL - Force delete of all matching encrypted keysets
SWITCH: NORUN - Don't run the command, only show parsed parameter