[pass] Adding support for symmetric encryption
dashohoxha at gmail.com
Wed Jan 27 09:33:46 CET 2016
On Wed, Jan 27, 2016 at 9:11 AM, Dahlberg, David <
david.dahlberg at fkie.fraunhofer.de> wrote:
> Am Dienstag, den 26.01.2016, 20:21 +0100 schrieb Dashamir Hoxha:
> > Now it picks out automatically which gpg encryption to use,
> > based on the presence of the file .gpg-id
> "pass init gpg-id" -> "pass init [gpg-id]" sounds dangerous to me. Like
> somebody who only half-remembers the commands (as most of us do) and
> does not pay too much attention may end up with a working password-store
> that is only encrypted with his smartcard PIN if he enters the
> pass init
Maybe you are right about this.
> > On the init command, if no gpg-id is given as argument,
> > then no .gpg-id file will be created, and the rest will always be
> > symmetric encryption/decryption.
> The same applies here. In the current password-store semantics, a
> directory with a missing ".gpg-id" inherits the encryption key from it's
> parent. A missing .gpg-id in the root directory is taken as an indicator
> of a non-initialized store.
> So if you make a missing ".gpg-id" an indication of symmetric
> encryption, either you cannot cannot use symmetric for a sub-tree of an
> asymmetric tree, or you have to make sure that the ".gpg-id" is written
> into every sub-directory (which requires switching/converting to a new
> binary format) or you cannot have multiple keys per sub-tree any more.
> My advice would be to make symmetric encryption explicit:
> * "pass init -s" and
> * "cat symmetric" > "$PASSWORD_STORE_DIR/.gpg-id"
No, it doesn't work the way that you think.
It seems that this feature (adding support for symmetric encryption)
makes the program like frankenstein (it doesn't fit naturaly with the
So, I am starting a for of the program, called 'simple-password-store':
One of the main changes will be to replace the asymmetric encryption
with symmetric encryption (getting rid of using private keys).
Another change will be to encrypt the whole directory, instead of the
individual password files (more secure and easier to manage).
Maybe the git functionality should be removed as well, but I am not sure.
I call it 'simple' because it does not support the advanced use cases
when you need to share your passwords with other people.
But you don't have to create and maintain private keys in order to
store your passwords, so hopefully its usage will be simpler.
And also I hope that the code will be a bit simpler to understand
(due to removing advanced features and asymmetric encryption).
Please subscribe (click the "Watch" button) to follow its development
and to help with any comments or ideas (and why not, patches and PR).
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Password-Store