[pass] Adding support for symmetric encryption
Dashamir Hoxha
dashohoxha at gmail.com
Tue Jan 26 20:21:43 CET 2016
Now it picks out automatically which gpg encryption to use,
based on the presence of the file .gpg-id
On the init command, if no gpg-id is given as argument,
then no .gpg-id file will be created, and the rest will always be
symmetric encryption/decryption.
If one (or more) gpg-id are given on init, a .gpg-id file will be created
and everything will be same as before (symmetric encryption/decryption).
Check it out here:
https://github.com/dashohoxha/password-store/commits/master
I have tested it, and it works well for me.
Cheers,
Dashamir
On Tue, Jan 26, 2016 at 5:52 PM, Allan Odgaard <lists+pass at simplit.com>
wrote:
> On 26 Jan 2016, at 23:03, Matthieu Weber wrote:
>
> On Tue 26.01.2016 at 10:14:46PM +0700, Allan Odgaard wrote:
>>
>>> Furthermore, even with a 12 byte passphrase, it is user generated,
>>> so it is unlikely to be truly random, which decrease the search
>>> space (often significantly).
>>>
>>
>> http://world.std.com/~reinhold/diceware.html solves that problem.
>>
>
> This is basically suggesting 25-30 throws of the dice for a truly random
> password resulting in 65-77 bit keys: log2((6^5)^5)
>
> The “dicelist” is there to make it possible for people to remember a 65-77
> bit random number, but good luck convincing people to use this scheme and
> also to have them generate a new passphrase for each new application.
>
> So in practice, I think asymmetric encryption is the better/stronger
>>> choice.
>>>
>>
>> You only displace the problem, by having to protect your private key
>> with a passphrase.
>>
>
> Which is still better since an attacker will need to steal your key before
> they can brute-force your passphrase, and if you are worried about this,
> you can move the key to a physical token, so now this physical token needs
> to be stolen for someone to decrypt your files, and this physical token can
> have its own security requiring specialized tools in order to break them.
>
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> http://lists.zx2c4.com/mailman/listinfo/password-store
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20160126/6e35786a/attachment-0001.html>
More information about the Password-Store
mailing list