<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hello Daniel:<br>
Hmm OK, I checked the multiline option and works well with binary
files, which was my main concern. <br>
<blockquote>
<pre>hackan@debian:~$ dd if=/dev/urandom of=t bs=1024 count=1
1+0 records in
1+0 records out
1024 bytes (1.0 kB, 1.0 KiB) copied, 0.000218737 s, 4.7 MB/s
hackan@debian:~$ pass insert -m test < t
Enter contents of test and press Ctrl+D when finished:
[master 3d34a54] Add given password for test to store.
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 test.gpg
hackan@debian:~$ sha512sum t
40f514ea9e11747b304cda3e715f99fa6329ddb0262671c66d0333083d18b64f037a26c5f9d66157dcb6de1c542f8d58212a4997e9c0d0c03a8876a49043a3d0 t</pre>
<pre>hackan@debian:~$ pass test | sha512sum -
40f514ea9e11747b304cda3e715f99fa6329ddb0262671c66d0333083d18b64f037a26c5f9d66157dcb6de1c542f8d58212a4997e9c0d0c03a8876a49043a3d0 -</pre>
</blockquote>
However a more user-friendly option could be added, I can hack the
code for it but I'm not sure about which coding rules/standards
you're following.<br>
<br>
Regarding signing, you're right, using git for it is a good idea. To
enable it, you must set<br>
<blockquote>
<pre>pass git config --bool --add pass.signcommits true</pre>
</blockquote>
besides setting the signing key, either global or local.<br>
<br>
Cheers!<br>
<br>
<div class="moz-cite-prefix">On 01/26/2017 12:34 PM, Daniel
Dörrhöfer wrote:<br>
</div>
<blockquote
cite="mid:93776b17-dd37-a5ed-2079-074594dc9e28@openmailbox.org"
type="cite">
<pre wrap="">Hi,
HacKan:
</pre>
<blockquote type="cite">
<pre wrap="">Hello there! I'm HacKan, and currently a new pass user. However, I've
been following development for a while, I like it.
I noticed the repo site doesn't have an issue tracker, and I would like
to propose two additions to pass: a way to add files (text or binary) to
the storage and a way to certify items in the storage.
Currently, to achieve the first I gpg'ed the file manually and output
the result inside pass storage dir, but it's rather inconvenient.
Something like pass insert <pass-name> <filepath> would be better.
</pre>
</blockquote>
<pre wrap="">
Exactly how it is done. But use the »-m« parameter for a multi line
password and pipe the file. Get used to the unix philosophy (Makes life
easier).
e.G.
pass insert --multiline ssh/my_private_rsa_key < ~/.ssh/id_rsa
</pre>
<blockquote type="cite">
<pre wrap="">
For the second, I noticed that from commit
ff62f87f41557ab7267defab662324927301485a
<a class="moz-txt-link-rfc2396E" href="https://git.zx2c4.com/password-store/commit/?id=ff62f87f41557ab7267defab662324927301485a"><https://git.zx2c4.com/password-store/commit/?id=ff62f87f41557ab7267defab662324927301485a></a>
there's an option to sign files. I'm not sure how do you plan to
implement such feature, if signing items individually and then verifying
prior use, but I was thinking that an easy way to do it is simply
mantain a /signed/ SHA512SUMS file on the root of the pass dir, and
update it during insertions or modifications. This allows to ensure each
item's authenticity, and also backwards compat since implementing it on
an older "database" is pretty easy.
</pre>
</blockquote>
<pre wrap="">
git does the job.
1) Set the key:
git config –global user.signingkey <MY_GPG_KEY>
2) verify:
pass git pull --verify-signatures
or
pass git log --pretty="%h: %s %Cgreen %G?"
</pre>
<blockquote type="cite">
<pre wrap="">Let me know of your thought on those ideas, if there's another place to
put them instead of this mailing list, and also if I should
clarify/expand them.
Cheers,
_______________________________________________
Password-Store mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Password-Store@lists.zx2c4.com">Password-Store@lists.zx2c4.com</a>
<a class="moz-txt-link-freetext" href="https://lists.zx2c4.com/mailman/listinfo/password-store">https://lists.zx2c4.com/mailman/listinfo/password-store</a>
</pre>
</blockquote>
<pre wrap="">_______________________________________________
Password-Store mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Password-Store@lists.zx2c4.com">Password-Store@lists.zx2c4.com</a>
<a class="moz-txt-link-freetext" href="https://lists.zx2c4.com/mailman/listinfo/password-store">https://lists.zx2c4.com/mailman/listinfo/password-store</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
HacKan || Iván
GPG: 0xECF0573B1C9B59E8</pre>
</body>
</html>