[pass] Multi-user pass / group pass
milki
milki at rescomp.berkeley.edu
Fri Sep 21 09:08:45 CEST 2012
On 02:55 Fri 21 Sep , Jason A. Donenfeld wrote:
> > On Fri, Sep 21, 2012 at 10:46 AM, Lucas Arduini <st_luke at me.com> wrote:
> > The Internet is freakin awesome
>
> Haha, indeed.
>
> On Fri, Sep 21, 2012 at 2:47 AM, Simon KP <si at eskp.net> wrote:
> > What happens if one person leaves the team and another enters with a new
> > key?
>
> It's pretty trivial to re-encrypt the password-store. You can even do
> it in a one-liner:
>
> find ~/.password-store -iname '*.gpg' | while read password; do gpg
> --batch --quiet -d "$password" | gpg -r "$(head
> ~/.password-store/.gpg-id)" -e -o "$password.new" --batch --quiet &&
> mv -v "$password.new" "$password"; done
>
> Actually, I'll consider adding a switch to "pass init" for this --
> something like --reencrypt or --reinit. Suggestions?
It's probably useful to note that, if git is used, reencrypting will
only block access to new changes to the password files.
--
milki
More information about the Password-Store
mailing list