Best practice for multiple-client use keys
Emil Lundberg
lundberg.emil at gmail.com
Mon Jan 16 09:35:40 UTC 2023

I too use Syncthing to sync the key store, but not the keys. Instead I
have my PGP keys on a YubiKey, so I just need to plug in the YubiKey
whenever I need to decrypt a secret and I can safely use the same key on
all my clients (because I'm not copying the private key, just moving the
smart card). It takes a bit of effort to properly set up a GPG smart
card without making it impossible to create backups of your master key
and encryption keys, but there are good guides for that available online.

/Emil

On 1/14/23 17:23, Zach wrote:
> On 2023-01-14 10:58am, Wolfgang Schildbach wrote:
>
>> I would like to use pass in a situation where a number of PCs/laptops
>> all have access to the keystore, as well as one or two mobile
>> devices. We can assume the laptops to be a mix of Linux and Windows.
>> The mobile devices are Android. I have a git server running in my
>> home network.
>
>> …
>
>> So my question is, how are others handling this situation, and am I
>> overlooking an option? Should I be looking at 1) with a keyserver?
>
> I am using Syncthing[1] to synchronize the pass keystore and my PGP
> keys. I just sync the `.gnupg` and `.password-store` directories
> (along with a plethora of other useful stuff like SSH keys and
> dotfiles). It's been chugging along in the background of my workflows
> for almost a decade. From what you wrote, it seems this could fit your
> requirement.
>
> [1] https://syncthing.net/

More information about the Password-Store mailing list