tzap CLI documentation

These examples use passphrase mode through stdin so secrets do not appear in shell history or process listings.

Create an archive

export TZAP_PASSPHRASE='correct horse battery staple'
printf '%s\n' "$TZAP_PASSPHRASE" | \
  tzap create --password-stdin -o backup.tzap ./project

List and verify

printf '%s\n' "$TZAP_PASSPHRASE" | tzap list --password-stdin backup.tzap
printf '%s\n' "$TZAP_PASSPHRASE" | tzap verify --password-stdin backup.tzap

Extract everything

printf '%s\n' "$TZAP_PASSPHRASE" | \
  tzap extract --password-stdin --directory restored backup.tzap

Extract one file

printf '%s\n' "$TZAP_PASSPHRASE" | \
  tzap extract --password-stdin --stdout backup.tzap project/readme.txt

Create recoverable volumes

tzap keygen --output project.key
tzap create --keyfile project.key --volumes 3 --volume-loss-tolerance 1 -o project.tzap ./project
tzap verify --keyfile project.key project.tzap.000 project.tzap.001 project.tzap.002

Full CLI reference

Command workflows for encrypted archive operations

The documentation focuses on practical command-line flows: creating archives, keeping passphrases out of shell history, listing and verifying archive integrity, extracting complete archives, restoring one file, and testing split-volume recovery behavior.

Create and verify backups

Use stdin-based passphrase handling, authenticated manifests, and verification commands to make backup runs easier to audit.

Inspect and restore selectively

List encrypted archives and restore individual paths when you need targeted recovery from large datasets.

Test damaged-volume recovery

Create multi-volume archives with loss tolerance so backup media and object-storage layouts can be tested before they are needed.