encrypted file and directory names?

Adam Spiers pass at adamspiers.org
Sun Feb 5 22:25:30 CET 2017


On Sun, Feb 05, 2017 at 10:27:58AM +0100, Sebastian Reuße wrote:
>Adam Spiers <pass at adamspiers.org> writes:
>> There is one feature which I consider pretty essential, and as far as
>> I can see, it's not supported by pass yet, which is to keep the entire
>> metadata encrypted, including the directory names and file names.
>> Without this it doesn't seem to provide 100% privacy protection, since
>> for example it potentially exposes which websites you use. Is that
>> right, or am I missing something?
>
>This is already implemented as far as I see it. In order to protect your
>local data, you can store the git repository on a fully-encrypted disk
>or alternatively store it inside an encrypted container like ecryptfs.
>To protect the data stored on remotes, use the git-remote-gcrypt
>extension.

I got the impression that the point of pass was to provide an
additional line of defence above what the filesystem already
provides.  If the filesystem can be trusted to keep things secure then
you could simply store all your credentials in it in plaintext, and
there would be no need for pass.  Maybe I misunderstood something?


More information about the Password-Store mailing list