rskey is a standalone command-line tool and Go library for generating secret keys and encrypting sensitive values in formats compatible with Posit Connect, Package Manager, and Workbench. It is designed for Infrastructure-as-Code and containerized deployments where the full Posit product stack is not yet installed.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/rstudio/rskey/llms.txt
Use this file to discover all available pages before exploring further.
Installation
Install rskey via binary release, Go toolchain, or package manager on Linux, macOS, and Windows.
Quickstart
Generate your first key and encrypt a secret in under two minutes.
Command reference
Explore all rskey commands: generate, encrypt, decrypt, and fingerprint.
Go packages
Use the bundled
crypt and workbench packages to integrate key management into your Go code.What rskey does
rskey replaces the secret key management commands built into each Posit product, so you can provision keys and encrypt configuration values before those products are installed. It supports all three products with their respective encryption schemes:- Posit Connect & Package Manager — NaCl Secretbox (default) or AES-256-GCM (FIPS mode)
- Posit Workbench — AES-128-CBC with UUID-format keys
Encrypt a sensitive value
Encrypt a database password or other secret using the key:Type your secret when prompted. rskey outputs the encrypted ciphertext.
Guides by product
Posit Connect
Manage keys and encrypt config values for Posit Connect deployments.
Package Manager
Generate keys and encrypt secrets for Posit Package Manager.
Workbench
Handle Workbench-specific key formats and AES-128-CBC encryption.
FIPS mode
Use AES-256-GCM encryption to meet FIPS 140 compliance requirements.