descriptionsafely store server secrets
last changeFri, 17 Nov 2017 19:15:17 +0000 (19:15 +0000)

regpg - safely store server secrets

The regpg program is a thin wrapper around gpg for looking after secrets that need to be stored encrypted in a version control system (so you don't have to trust the VCS server) and decrypted when your configuration management system deploys them to servers.



If you use regpg, let me know! Send me mail at

If you would like to submit a bug report or a patch, see doc/


For a simple one-file install you can copy the regpg script to a directory on your $PATH.

You can run make install to install the script and man page to the standard places in your home directory. See the start of the Makefile for variables you can set on the command line to adjust the install location.


To use regpg you need the following programs. I've listed the versions that I have tested.

You only need the following programs if you use regpg's helper subcommands.


Download the single-file regpg perl script: and its GPG signature

Download the full source archives and GPG signatures:


You can clone or browse the repository from:


Thanks to Jon Warbrick who gave me the idea for regpg's key management, and David McBride for helpful discussions.

Written by Tony Finch
at Cambridge University Information Services.
You may do anything with this. It has no warranty.

42 hours ago Tony FinchMake: upload talks and preen master
42 hours ago Tony Finchutil: exclude talks from releases
42 hours ago Tony Finchtalks: WIP
43 hours ago Tony FinchMake: more precise clean and gitignore
45 hours ago Tony Finchutil: more accurate upload list
46 hours ago Tony FinchMake: omit index.html from release tarballs
2 days ago Tony Finchlogo: float left
2 days ago Tony Finchdoc: note GPL logo
2 days ago Tony Finchutil: exclude logo from release tarballs
2 days ago Tony Finchlogo: insert logo into homepage
2 days ago Tony Finchlogo: more css tweaks
2 days ago Tony Finchlogo: simplify css
2 days ago Tony Finchlogo: regpg adaptation
2 days ago Tony Finchlogo: crop the gpg logo to just the padlock
2 days ago Tony Finchlogo: import the gpg logo [GPL]
5 days ago Tony Finchregpg: explain why Ansible with_fileglob: is useful...
8 days ago regpg-0.91 regpg-0.91
9 days ago regpg-0.88 regpg-0.88
2 weeks ago regpg-0.80 regpg-0.80
2 weeks ago regpg-0.79 regpg-0.79
2 weeks ago regpg-0.78 regpg-0.78
2 weeks ago regpg-0.77 regpg-0.77
4 weeks ago regpg-0.73 regpg-0.73
4 weeks ago regpg-0.69 regpg-0.69
5 weeks ago regpg-0.42
42 hours ago master