Pass: Difference between revisions

From DWIKI
mNo edit summary
Line 5: Line 5:
*[https://sig-io.nl/?p=399 Read passwords from the 'pass' passwordstore into ansible]
*[https://sig-io.nl/?p=399 Read passwords from the 'pass' passwordstore into ansible]
*http://superuser.com/questions/520980/how-to-force-gpg-to-use-console-mode-pinentry-to-prompt-for-passwords
*http://superuser.com/questions/520980/how-to-force-gpg-to-use-console-mode-pinentry-to-prompt-for-passwords
=Getting started=
pass init me@example.com
where me@example.com is the ID used for your gpg key


=Setting up a shared pass git repository=
=Setting up a shared pass git repository=

Revision as of 15:44, 26 August 2016

Simple password manager using gpg

Links

Getting started

pass init me@example.com

where me@example.com is the ID used for your gpg key



Setting up a shared pass git repository

On server pass.example.com create user passuser Then as this user:

mkdir pass.git
git init --bare pass.git


On your workstation:

If you don't already have gpg key:

gpg --gen-key

and import pubkey(s) of other user(s):

gpg --import hisid

To make gpg use group, add to .gnupg/gpg.conf:

group ourgroup yourid hisid
default-key <your key id> ?

Slightly less secure but very convenient:

ssh-keygen

and then add .ssh/id_rsa.pub to .ssh/authorized_keys on server


Then init pass:

pass init ourgroup
pass git init
pass git remote add origin passuser@pass.example.com
pass git push --set-upstream origin master
pass git push


Now all it takes to add keys is:

pass add someserver/someaccount
pass git push

and on other system

pass git pull


On another system you can clone then:

git clone pass.example.com:pass-git .password-store

ACHTUNG any user who edits or adds keys needs the public keys of all group members!

additional commands

Clients

Security related stuff