Set up another PC to access pass's remote git repository

Kenny Evitt kenny.evitt at gmail.com
Thu Oct 19 18:54:00 CEST 2017


Here's something I wrote in a message to this list earlier that's relevant:

I'm using git-remote-gcrypt <https://github.com/spwhitton/git-remote-gcrypt>
> with a simple bare remote repo in Dropbox. Because the entire remote repo
> (e.g. including the Git internal objects) are encrypted, neither the file
> paths nor the Git history should be readable via the remote repo in Dropbox.
>

The *git-remote-gcrypt *helper encrypts an entire Git repo (and not just
Pass repos) – including the Git metadata (e.g. history). So filenames,
directory names, etc. are entirely obfuscated.

Instead of sharing a single GPG key-pair I just use a separate key-pair for
every computer from which I want to access the repo and I encrypt all of
the Pass files with a GPG group consisting of all of the (public) keys for
all of my computers.

On Wed, Oct 18, 2017 at 11:14 PM, <calligraffiti at tuta.io> wrote:

> [Keybase](keybase.io) recently released an encrypted GIT repository
> service as part of its app. It's still pretty early days though. So no easy
> way to pull down to your phone. Works perfectly for all your PCs though.
> Completely platform agnostic.
>
>
> 15. Oct 2017 21:35 by niels at kobschaetzki.net:
>
>
> On 17/10/16 13:35, Alec Clews wrote:
>
> You can clone (plus push and pull) to a remote repository using https as
> the transport instead of using ssh.
>
> It seems to me that hosting on git cloud server may be a brave choice? I'd
> be interested to know what other people think.
>
>
> I don't see any problem with that, as long as his private gpg-key is not
> also up there in the cloud and he is using a reasonably secure key. And
> keeps his key save. But that's the SPOF of pass anyway.
> The only problem I see might be privacy implications since other people
> can publicly see what for sites he is using, if he names his passwords
> accordingly. Maybe the user should invest in a github subscription to be
> able to create a private repository.
>
> Niels
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>
>
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20171019/18b44406/attachment.html>


More information about the Password-Store mailing list