[pass] Using pass in a team

Emil Lundberg lundberg.emil at gmail.com
Fri Apr 8 18:10:18 CEST 2016


As for your first question, the two are orthogonal. Multiple keys can be
used for the store, allowing multiple users to read (and write to) it; and
different key sets can be used for different folders in the store.

Second: yes, it's possible to reencrypt the store with a new key (or keys)
as long as you can still decrypt it (i.e. you still have the previous
private key). Do keep in mind, however, that any copies of the store
(including snapshots in git history, if the git feature is used) are not
affected and can still be decrypted with the old key.

/Emil

On Fri, 8 Apr 2016, 15:44 Philip Colmer, <philip.colmer at linaro.org> wrote:

> The home page says:
>
> Multiple GPG keys can be specified, for using pass in a team setting
>
> Is that intended to be read in connection with the bit that follows,
> namely "different folders can have different GPG keys", or does it
> mean that each team member can use their own personal key yet still
> access the store? I'm having trouble figuring out how the latter would
> work, if it is possible :).
>
> Also, is it possible to change the key used by the store? I couldn't
> see that in the documentation. I'm thinking of a scenario where the
> store's key might become compromised, i.e. leak in the wild, through
> carelessness or similar, leaving us needing to re-protect the store.
>
> Thanks.
>
> Regards
>
> Philip
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> http://lists.zx2c4.com/mailman/listinfo/password-store
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20160408/9962b79b/attachment.html>


More information about the Password-Store mailing list