Maintenance

Creating a recovery key

You may create a recovery key, in order to be able to set up a second Seald-CLI server :

• seald create-backup-key --output BACKUP_FILE.seald_key
• Choose a password (optional) for more security

Setup of a backup server

Once the recovery key has been created, you may use it to configure Seald-CLI on a second server :

• Follow the Installation procedure
• seald load-backup-key --key BACKUP_FILE.seald_key. Enter the previously chosen password when prompted.
• Follow the Autostart procedure

Reversibility

Using the recovery key, once imported (as seen in the previous paragraph), it is possible to execute the reversibility procedure.

Adding new recipients to already-encrypted files

You can add new recipients to existing files:

seald add-recipients --input ENCRYPTED_FILE.seald --recipients-emails email3@domain.com email4@domain.com

You can also call this command for a whole folder of encrypted files:

seald add-recipients --input ENCRYPTED_DIRECTORY --recursive --retries 10 --recipients-emails email3@domain.com email4@domain.com

Update

If you have an older version of the tool, you can update it with the same command as for installing it, stopping the service before, and starting it again after:

• nssm stop seald-auto-start
• npm install --global --production @seald-io/cli@2.8.0
• nssm start seald-auto-start