Pass: Difference between revisions
From DWIKI
Tag: wikieditor |
|||
| (14 intermediate revisions by the same user not shown) | |||
| Line 2: | Line 2: | ||
=Links= | =Links= | ||
*[http://www.tricksofthetrades.net/2015/07/04/notes-pass-unix-password-manager/ Notes on pass] | |||
*[http://www.passwordstore.org/ Homepage] | *[http://www.passwordstore.org/ Homepage] | ||
*[https://sig-io.nl/?p=399 Read passwords from the 'pass' passwordstore into ansible] | *[https://sig-io.nl/?p=399 Read passwords from the 'pass' passwordstore into ansible] | ||
*http://superuser.com/questions/520980/how-to-force-gpg-to-use-console-mode-pinentry-to-prompt-for-passwords | |||
=Getting started= | |||
pass init me@example.com | |||
where me@example.com is the ID used for your gpg key | |||
=Setting up a shared pass git repository= | =Setting up a shared pass git repository= | ||
| Line 25: | Line 36: | ||
To make gpg use group, add to .gnupg/gpg.conf: | To make gpg use group, add to .gnupg/gpg.conf: | ||
group ourgroup yourid hisid | group ourgroup yourid hisid | ||
default-key <your key id> [Gpg#What_is_my_key_ID.3F ?] | default-key <your key id> [[Gpg#What_is_my_key_ID.3F|?]] | ||
Slightly less secure but very convenient: | Slightly less secure but very convenient: | ||
| Line 35: | Line 46: | ||
Then init pass: | Then init pass: | ||
If you use groups: | |||
pass init ourgroup | pass init ourgroup | ||
pass git init | pass git init | ||
pass git add | pass git remote add origin passuser@pass.example.com | ||
pass git push --set-upstream origin master | |||
pass git push | pass git push | ||
| Line 45: | Line 60: | ||
pass git push | pass git push | ||
and on other system | |||
pass git pull | |||
On system | |||
pass git | On another system you can clone then: | ||
git clone pass.example.com:pass-git .password-store | |||
ACHTUNG any user who edits or adds keys needs the public keys of all group members! | ACHTUNG any user who edits or adds keys needs the public keys of all group members! | ||
==additional commands== | ==additional commands== | ||
=Clients= | |||
==Android client== | |||
*[https://github.com/zeapo/Android-Password-Store/ Android client] | |||
===password for this repository=== | |||
pass for git account | |||
===password=== | |||
gpg passphrase | |||
==KDE== | |||
*https://qtpass.org/ | |||
*[https://github.com/mbos/Pass4Win Windows client] | |||
=FAQ= | |||
==Fix conflict== | |||
copy/save content of conflicting entry, | |||
pass git merge --abort | |||
pass git fetch --all | |||
pass git reset --hard origin/master | |||
and the | |||
pass edit <yourpass> | |||
==Error messages== | |||
===gpg: public key decryption failed: No pinentry=== | |||
gpg-agent needs --pinentry-program set | |||
or maybe you're in a screen/tmux session? | |||
{{ Category:security }} | |||
Latest revision as of 13:33, 20 April 2026
Simple password manager using gpg
Links
- Notes on pass
- Homepage
- Read passwords from the 'pass' passwordstore into ansible
- http://superuser.com/questions/520980/how-to-force-gpg-to-use-console-mode-pinentry-to-prompt-for-passwords
Getting started
pass init me@example.com
where me@example.com is the ID used for your gpg key
Setting up a shared pass git repository
On server pass.example.com create user passuser Then as this user:
mkdir pass.git git init --bare pass.git
On your workstation:
If you don't already have gpg key:
gpg --gen-key
and import pubkey(s) of other user(s):
gpg --import hisid
To make gpg use group, add to .gnupg/gpg.conf:
group ourgroup yourid hisid default-key <your key id> ?
Slightly less secure but very convenient:
ssh-keygen
and then add .ssh/id_rsa.pub to .ssh/authorized_keys on server
Then init pass: If you use groups:
pass init ourgroup
pass git init pass git remote add origin passuser@pass.example.com pass git push --set-upstream origin master pass git push
Now all it takes to add keys is:
pass add someserver/someaccount pass git push
and on other system
pass git pull
On another system you can clone then:
git clone pass.example.com:pass-git .password-store
ACHTUNG any user who edits or adds keys needs the public keys of all group members!
additional commands
Clients
Android client
password for this repository
pass for git account
password
gpg passphrase
KDE
FAQ
Fix conflict
copy/save content of conflicting entry,
pass git merge --abort pass git fetch --all pass git reset --hard origin/master
and the
pass edit <yourpass>
Error messages
gpg: public key decryption failed: No pinentry
gpg-agent needs --pinentry-program set
or maybe you're in a screen/tmux session?
Security related stuff
