[pass] Add option to replace encryption key in use?
Tmplt
ttemplate223 at gmail.com
Fri Jul 29 03:04:11 CEST 2016
Hello,
My gpg setup was due to a makeover, so I created a new key dedicated to
pass' files. I did this with the following commands as it didn't seem
like pass supported this feature:
find .password-store -type f -name '*.gpg' -exec gpg --decrypt-files
'{}' \;
find .password-store -type f -name '*.gpg' -delete
find .password-store -type f -exec gpg -r <fingerprint>
--encrypt-files '{}' \;
I then removed the unencrypted files.
Is this a feature that pass could support, or is it too much of an
uncommon case of usage?
It might be a safer operation if pass would support this, as I realize
belatedly that removing the unencrypted files with `rm` leaves me open
for exploits (which perhaps wouldn't be the case if I had used `shred
--remove` instead)
What do you think?
--
Tmplt
More information about the Password-Store
mailing list