[pass] adding gpg keys?

Brian Shore brian at networkredux.com
Thu Nov 20 18:41:27 CET 2014


On Thu, Nov 20, 2014 at 9:27 AM, Jonathan Proulx <jon at csail.mit.edu> wrote:
> false (well false in the olde version in the Ubuntu 14.04 repos):

Hi Jon,
In the older versions, only a single key ID is supported.  You can get
many of the benefits of multiple ID support by defining a group in
your GPG configuration and then using that group name as your "key ID"
when initializing pass.

If your needs are minimal and your group is small (and everyone is
already comfortable with GPG), then using a group definition is
probably just fine.  If your group is large or some of your users have
(want?) little or no experience with GPG, you'll find it awkward to
maintain things, particularly requiring every user to update their
group definition each time you grant a new user access to the password
store.

The gpg config file manual discusses the group definitions.  They look
something like this:

group moocow=0x12345678 0xabcdef12

And then you can initialize pass with that group:

pass init --reencrypt moocow


-- 
Brian Shore
Senior Systems Engineer, Security Architect
Network Redux, LLC
5200 SW Macadam Ave Ste 450
Portland, Oregon 97239
Desk:  503-274-9905 x503
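
Added example, not part of the message above: a check for the maintenance problem it describes, where a user's gpg.conf group falls behind the list of people who should be able to read the store. The function names, the one-ID-per-line "members" file and the third key ID are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: find drift between a gpg.conf group and the member list
# the store is supposed to use. Key IDs and file names are constructed.

# Print the key IDs of group $2 from gpg.conf file $1, one per line,
# lowercased, sorted, de-duplicated. Repeated "group NAME=" lines are merged.
expand_group() {
    awk -v name="$2" '
        $1 != "group" { next }                  # also skips comment lines
        {
            line = $0
            sub(/^[ \t]*group[ \t]+/, "", line) # drop the keyword
            eq = index(line, "=")
            if (eq == 0) next
            n = substr(line, 1, eq - 1)
            gsub(/[ \t]/, "", n)
            if (n != name) next
            m = split(substr(line, eq + 1), ids, /[ \t]+/)
            for (i = 1; i <= m; i++) if (ids[i] != "") print tolower(ids[i])
        }' "$1" | sort -u
}

# Compare group $2 in gpg.conf $1 with the expected IDs listed in file $3.
# Prints "missing ID" or "extra ID" per difference; returns 1 on any drift.
group_drift() {
    have=$(expand_group "$1" "$2")
    want=$(tr '[:upper:]' '[:lower:]' < "$3" | sed '/^$/d' | sort -u)
    rc=0
    for id in $want; do
        printf '%s\n' "$have" | grep -qx -- "$id" || { echo "missing $id"; rc=1; }
    done
    for id in $have; do
        printf '%s\n' "$want" | grep -qx -- "$id" || { echo "extra $id"; rc=1; }
    done
    return $rc
}

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
# A user's stale gpg.conf holding the group line quoted in the message.
printf '%s\n' '# constructed sample' 'group moocow=0x12345678 0xabcdef12' \
    > "$demo_dir/gpg.conf"
# Expected members after a third (made-up) key was granted access.
printf '%s\n' 0x12345678 0xabcdef12 0x0badc0de > "$demo_dir/members"
group_drift "$demo_dir/gpg.conf" moocow "$demo_dir/members" \
    || echo "group moocow is out of date; update it before re-encrypting"
```

A "missing" ID means anything this user encrypts to the group will not be readable by that member; an "extra" ID means a key that should no longer have access is still a recipient.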

