From bd262f61265cfb80cb3d847bcdb115eea8a6e74d Mon Sep 17 00:00:00 2001
From: Andrew Ayer <agwa@andrewayer.name>
Date: Sat, 15 Nov 2014 18:06:36 -0800
Subject: [PATCH] Add documentation for multiple keys

---
 doc/multiple_keys.md | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 doc/multiple_keys.md

diff --git a/doc/multiple_keys.md b/doc/multiple_keys.md
new file mode 100644
index 0000000..6d7fc69
--- /dev/null
+++ b/doc/multiple_keys.md
@@ -0,0 +1,24 @@
+In addition to the implicit default key, git-crypt supports alternative
+keys which can be used to encrypt specific files and can be shared with
+specific GPG users.  This is useful if you want to grant different
+collaborators access to different sets of files.
+
+To generate an alternative key named KEYNAME, pass the `-k KEYNAME`
+option to `git-crypt init` as follows:
+
+    git-crypt init -k KEYNAME
+
+To encrypt a file with an alternative key, use the `git-crypt-KEYNAME`
+filter in `.gitattributes` as follows:
+
+    secretfile filter=git-crypt-KEYNAME diff=git-crypt-KEYNAME
+
+To export an alternative key or share it with a GPG user, pass the `-k
+KEYNAME` option to `git-crypt export-key` or `git-crypt add-gpg-user`
+as follows:
+
+    git-crypt export-key -k KEYNAME /path/to/keyfile
+    git-crypt add-gpg-user -k KEYNAME GPG_USER_ID
+
+To unlock a repository with an alternative key, use `git-crypt unlock`
+normally.  git-crypt will automatically determine which key is being used.