[pass] Signing individual pass files

Jason A. Donenfeld Jason at zx2c4.com
Sun Sep 21 19:25:35 CEST 2014

On Fri, Jul 25, 2014 at 11:37 AM, Jan Rusnacko <jrusnack at redhat.com> wrote:
> * this seems to be enabled globally in git config, so what about users who
> do not wish to sign their work (e.g. don`t have personal GPG key), but do
> what password files signed ?

>From the man page:

If the git config key pass.signcommits is set to true, then all commits
> will be signed using *user.signingkey* or the default git signing key.
> This config key may be turned on  using:  `pass git config --bool --add
> pass.signcommits true`

> * if it exists, is the git signature checked (automatically) before the
> password is retrieved ? I believe not.

You can verify the git repo any time you like using the ordinary git
commands. Consult the git documentation for best practices and ways of
hooking this.

> --
> Jan Rusnacko, Red Hat Product Security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20140921/fec47cf1/attachment.html>

More information about the Password-Store mailing list