[pass] GPG Key Roll / Remove key and re-encrypt tree

Steven Bambling smbambling at gmail.com
Fri Feb 13 12:43:09 CET 2015

I was testing with encrypting with a large list of keys and Kevin’s syntax did just what I wanted.

To make it a little easier I just added the needed key to the .gpg-id file and then ran ( assuming your in the password-store dir

pass init $(cat .gpg-id)


> On Feb 10, 2015, at 9:57 AM, Kevin Lyda <kevin at ie.suberic.net> wrote:
> On Tue, Feb 10, 2015 at 2:39 PM, Steve Bambling <smbambling at gmail.com> wrote:
>> Is there a way to re-encrypt the entire tree with a new key or set of keys
>> from the .gpg-id file?
> Removing key2: pass init key1 key3 key4
> Adding nkey1: pass init key1 nkey1
> Note that it will not change the encryption on all the old revisions,
> just on the new revision it will create.
> Kevin
> --
> Kevin Lyda
> Galway, Ireland

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20150213/4e71423d/attachment.asc>

More information about the Password-Store mailing list