Introduction and request

[Daniel Dörrhöfer]

Hi,

HacKan:
> Hello there! I'm HacKan, and currently a new pass user. However, I've
> been following development for a while, I like it.
> 
> I noticed the repo site doesn't have an issue tracker, and I would like
> to propose two additions to pass: a way to add files (text or binary) to
> the storage and a way to certify items in the storage.
> 
> Currently, to achieve the first I gpg'ed the file manually and output
> the result inside pass storage dir, but it's rather inconvenient.
> Something like pass insert <pass-name> <filepath> would be better.

Exactly how it is done. But use the »-m« parameter for a multi line
password and pipe the file. Get used to the unix philosophy (Makes life
easier).

e.G.

pass insert --multiline ssh/my_private_rsa_key < ~/.ssh/id_rsa


> 
> For the second, I noticed that from commit
> ff62f87f41557ab7267defab662324927301485a
> <https://git.zx2c4.com/password-store/commit/?id=ff62f87f41557ab7267defab662324927301485a>
> there's an option to sign files. I'm not sure how do you plan to
> implement such feature, if signing items individually and then verifying
> prior use, but I was thinking that an easy way to do it is simply
> mantain a /signed/ SHA512SUMS file on the root of the pass dir, and
> update it during insertions or modifications. This allows to ensure each
> item's authenticity, and also backwards compat since implementing it on
> an older "database" is pretty easy.


git does the job.

1) Set the key:

git config –global user.signingkey <MY_GPG_KEY>

2) verify:

pass git pull --verify-signatures

or

pass git log --pretty="%h: %s %Cgreen %G?"


> Let me know of your thought on those ideas, if there's another place to
> put them instead of this mailing list, and also if I should
> clarify/expand them.
> 
> Cheers,
> 
> 
> 
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>