Pass: Difference between revisions

From DWIKI
mNo edit summary
 
(18 intermediate revisions by the same user not shown)
Line 2: Line 2:


=Links=
=Links=
*[http://www.tricksofthetrades.net/2015/07/04/notes-pass-unix-password-manager/ Notes on pass]
*[http://www.passwordstore.org/ Homepage]
*[http://www.passwordstore.org/ Homepage]
*[https://sig-io.nl/?p=399 Read passwords from the 'pass' passwordstore into ansible]
*http://superuser.com/questions/520980/how-to-force-gpg-to-use-console-mode-pinentry-to-prompt-for-passwords
=Getting started=
pass init me@example.com
where me@example.com is the ID used for your gpg key
=Setting up a shared pass git repository=
On server pass.example.com create user passuser
Then as this user:
mkdir pass.git
git init --bare pass.git
On your workstation:
If you don't already have gpg key:
gpg --gen-key
and import pubkey(s) of other user(s):
gpg --import hisid
To make gpg use group, add to .gnupg/gpg.conf:
group ourgroup yourid hisid
default-key <your key id> [[Gpg#What_is_my_key_ID.3F|?]]
Slightly less secure but very convenient:
ssh-keygen
and then add .ssh/id_rsa.pub to .ssh/authorized_keys on server
Then init pass:
If you use groups:
pass init ourgroup
pass git init
pass git remote add origin passuser@pass.example.com
pass git push --set-upstream origin master
pass git push
Now all it takes to add keys is:
pass add someserver/someaccount
pass git push
and on other system
pass git pull
On another system you can clone then:
git clone pass.example.com:pass-git .password-store
ACHTUNG any user who edits or adds keys needs the public keys of all group members!
==additional commands==
=Clients=
*[https://github.com/zeapo/Android-Password-Store/ Android client]
*https://qtpass.org/
*[https://github.com/mbos/Pass4Win Windows client]
{{ Category:security }}

Latest revision as of 15:10, 10 November 2016

Simple password manager using gpg

Links

Getting started

pass init me@example.com

where me@example.com is the ID used for your gpg key



Setting up a shared pass git repository

On server pass.example.com create user passuser Then as this user:

mkdir pass.git
git init --bare pass.git


On your workstation:

If you don't already have gpg key:

gpg --gen-key

and import pubkey(s) of other user(s):

gpg --import hisid

To make gpg use group, add to .gnupg/gpg.conf:

group ourgroup yourid hisid
default-key <your key id> ?

Slightly less secure but very convenient:

ssh-keygen

and then add .ssh/id_rsa.pub to .ssh/authorized_keys on server


Then init pass: If you use groups:

pass init ourgroup


pass git init
pass git remote add origin passuser@pass.example.com
pass git push --set-upstream origin master
pass git push


Now all it takes to add keys is:

pass add someserver/someaccount
pass git push

and on other system

pass git pull


On another system you can clone then:

git clone pass.example.com:pass-git .password-store

ACHTUNG any user who edits or adds keys needs the public keys of all group members!

additional commands

Clients

Security related stuff