[pass] Adding support for symmetric encryption
Matthew Monaco
matt at monaco.cx
Wed Jan 27 10:05:21 CET 2016
On January 27, 2016 1:54:44 AM MST, Kjetil Torgrim Homme <kjetil.homme at redpill-linpro.com> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>On 2016-01-26 14:29, Dashamir Hoxha wrote:
>> If they have your encrypted password files, most probably they also
>> have your private keys. At least for most of the people, who are
>> not using smartcards, yubikey, nitrokey, etc. (I am one of them).
>
>not at all. since the password-store is securely encrypted, it is
>safe to use a third party as a distribution point, e.g., Github. that
>way, I can easily pull an updated store into each of my workstations.
> this does *not* give the admins at Github any access to my passwords.
>
>- --
>Kjetil T. Homme
>Redpill Linpro AS - Changing the game
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v2
>
>iEYEARECAAYFAlaohc0ACgkQdwjfh75Cw0O0swCgsE9OY32U0au/ZiDQhgABeDdN
>adUAn0OoNKL4f3oqAsJ+50TavCoWh+vD
>=GYVB
>-----END PGP SIGNATURE-----
>_______________________________________________
>Password-Store mailing list
>Password-Store at lists.zx2c4.com
>http://lists.zx2c4.com/mailman/listinfo/password-store
If you don't sync to a public server, and don't use a smart card then for most people those files will be exposed together.
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
More information about the Password-Store
mailing list