Pass: Difference between revisions
From DWIKI
mNo edit summary |
m (→Links) |
||
(13 intermediate revisions by the same user not shown) | |||
Line 2: | Line 2: | ||
=Links= | =Links= | ||
*[http://www.tricksofthetrades.net/2015/07/04/notes-pass-unix-password-manager/ Notes on pass] | |||
*[http://www.passwordstore.org/ Homepage] | *[http://www.passwordstore.org/ Homepage] | ||
*[https://sig-io.nl/?p=399 Read passwords from the 'pass' passwordstore into ansible] | *[https://sig-io.nl/?p=399 Read passwords from the 'pass' passwordstore into ansible] | ||
*http://superuser.com/questions/520980/how-to-force-gpg-to-use-console-mode-pinentry-to-prompt-for-passwords | |||
=Getting started= | |||
pass init me@example.com | |||
where me@example.com is the ID used for your gpg key | |||
=Setting up a shared pass git repository= | =Setting up a shared pass git repository= | ||
Line 20: | Line 31: | ||
gpg --gen-key | gpg --gen-key | ||
and import pubkey of other user: | and import pubkey(s) of other user(s): | ||
gpg --import hisid | gpg --import hisid | ||
To make gpg use group, add to .gnupg/gpg.conf: | To make gpg use group, add to .gnupg/gpg.conf: | ||
group ourgroup yourid hisid | group ourgroup yourid hisid | ||
default-key <your key id> | default-key <your key id> [[Gpg#What_is_my_key_ID.3F|?]] | ||
Slightly less secure but very convenient: | |||
ssh-keygen | |||
and then add .ssh/id_rsa.pub to .ssh/authorized_keys on server | |||
Then init pass: | Then init pass: | ||
If you use groups: | |||
pass init ourgroup | pass init ourgroup | ||
pass git init | pass git init | ||
pass git add | pass git remote add origin passuser@pass.example.com | ||
pass git push --set-upstream origin master | |||
pass git push | pass git push | ||
Line 38: | Line 59: | ||
pass add someserver/someaccount | pass add someserver/someaccount | ||
pass git push | pass git push | ||
and on other system | |||
pass git pull | |||
On system | On another system you can clone then: | ||
pass git | git clone pass.example.com:pass-git .password-store | ||
ACHTUNG any user who edits or adds keys needs the public keys of all group members! | ACHTUNG any user who edits or adds keys needs the public keys of all group members! | ||
==additional commands== | ==additional commands== | ||
=Clients= | |||
*[https://github.com/zeapo/Android-Password-Store/ Android client] | |||
*https://qtpass.org/ | |||
*[https://github.com/mbos/Pass4Win Windows client] | |||
{{ Category:security }} |
Latest revision as of 15:10, 10 November 2016
Simple password manager using gpg
Links
- Notes on pass
- Homepage
- Read passwords from the 'pass' passwordstore into ansible
- http://superuser.com/questions/520980/how-to-force-gpg-to-use-console-mode-pinentry-to-prompt-for-passwords
Getting started
pass init me@example.com
where me@example.com is the ID used for your gpg key
On server pass.example.com create user passuser Then as this user:
mkdir pass.git git init --bare pass.git
On your workstation:
If you don't already have gpg key:
gpg --gen-key
and import pubkey(s) of other user(s):
gpg --import hisid
To make gpg use group, add to .gnupg/gpg.conf:
group ourgroup yourid hisid default-key <your key id> ?
Slightly less secure but very convenient:
ssh-keygen
and then add .ssh/id_rsa.pub to .ssh/authorized_keys on server
Then init pass: If you use groups:
pass init ourgroup
pass git init pass git remote add origin passuser@pass.example.com pass git push --set-upstream origin master pass git push
Now all it takes to add keys is:
pass add someserver/someaccount pass git push
and on other system
pass git pull
On another system you can clone then:
git clone pass.example.com:pass-git .password-store
ACHTUNG any user who edits or adds keys needs the public keys of all group members!
additional commands
Clients
Security related stuff