[pass] Multi-user pass / group pass

milki milki at rescomp.berkeley.edu
Fri Sep 21 09:08:45 CEST 2012


On 02:55 Fri 21 Sep     , Jason A. Donenfeld wrote:
> > On Fri, Sep 21, 2012 at 10:46 AM, Lucas Arduini <st_luke at me.com> wrote:
> > The Internet is freakin awesome
> 
> Haha, indeed.
> 
> On Fri, Sep 21, 2012 at 2:47 AM, Simon KP <si at eskp.net> wrote:
> > What happens if one person leaves the team and another enters with a new
> > key?
> 
> It's pretty trivial to re-encrypt the password-store. You can even do
> it in a one-liner:
> 
> find ~/.password-store -iname '*.gpg' | while read password; do gpg
> --batch --quiet -d "$password" | gpg -r "$(head
> ~/.password-store/.gpg-id)" -e -o "$password.new" --batch --quiet &&
> mv -v "$password.new" "$password"; done
> 
> Actually, I'll consider adding a switch to "pass init" for this --
> something like --reencrypt or --reinit. Suggestions?

It's probably useful to note that, if git is used, reencrypting will
only block access to new changes to the password files.


-- 
milki



More information about the Password-Store mailing list