[pass] Encrypting directory tree

Patrick Burroughs (Celti) celti at celti.name
Tue Mar 3 06:42:43 CET 2015


On Tue, 3 Mar 2015 00:32:05 -0500 Dylan Mikus <dbmikus at gmail.com> wrote:
> Has there been any thought into encrypting the actual directory tree
> so that no one would be able to view what accounts you have? Is that
> something people are interested in, or was there a conscious decision
> against it for design reasons?

Encrypting the entire directory tree makes it a lot harder to process
things with plain UNIX tools if you for some reason don't want to or
can't use pass to access the store.

Conversely, if you really think the minor metadata leak is a problem,
tar up and gpg-encrypt your $PASSWORD_STORE_DIR and write a wrapper for
pass that decrypts/untars it to /dev/shm and sets $PASSWORD_STORE_DIR
appropriately, then cleans up after itself.

-- 
Patrick Burroughs (Celti) <celti at celti.name>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20150302/cefa8efd/attachment.asc>


More information about the Password-Store mailing list