[pass] Possible improvements

Dashamir Hoxha dashohoxha at gmail.com
Tue Jan 26 19:29:20 CET 2016


On Tue, Jan 26, 2016 at 4:36 PM, Lucas Hoffmann <l-m-h at web.de> wrote:

> Quoting Dashamir Hoxha (2016-01-26 16:20:04)
> > About point (2), is it the problem that you have to give the passphrase
> > each time that you want to show a password? I don't quite get it.
>
> The problem is that the use of symmetric encryption forces the user to
> unlock every entry in the password-store separately.


> I think it is a popular use case to unlock your GPG key once and then
> rely on the gpg-agent to use it several times in a row (read some
> encrypted emails, sign some emails, retrieve stuff from pass).  At least
> it is my use case.  The email stuff obviously does not change, but the
> user might want to log into several sites on the web and therefore
> retrieve several secrets from pass in a reasonably short time.  In this
> case she/he would have to type the passphrase for every new secret (even
> if it is the same every time).
>

You are right. This is really an issue.
At some point I was thinking that gpg-agent was caching the symmetric
password as well. Then after restarting gpg-agent it didn't work anymore.
Maybe it is some option of gpg2 or gpg-agent that should be fixed.


>
> What would your setup and use case be for symmetric encrypted secrets in
> pass?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20160126/5d45e6df/attachment.html>


More information about the Password-Store mailing list