pass init does not re-encrypt existing files (SOLVED)
Frank Thommen
f.thommen at dkfz-heidelberg.de
Tue Jul 24 19:20:11 CEST 2018
Dear all,
On 07/19/2018 07:48 PM, Frank Thommen wrote:
> Hi,
>
> In an attempt to use pass for a shared password store @work I tried the
> instructions given on
> https://medium.com/@davidpiegza/using-pass-in-a-team-1aa7adf36592.
> However even after importing a colleagues' public gpg key, signing it
> and applying `pass init id1 id2`, existing entries could still not be
> seen by him:
>
> $ pass a/b
> gpg: decryption failed: No secret key
> $
>
> Entries created *after* the additional `pass init` could be read by both
> users, but not those created beforehand.
>
> We are using pass 1.5 on CentOS 7 (from EPEL). GPG is version 2.0.22.
>
> I'm grateful for any hint on how to re-encrypt also existing files.
>
> Cheers
> frank
Problem solved: It was a combined issue of RTFM and used pass version.
The pass version provided by EPEL for CentOS is 1.5, this version has an
additional switch "-e" or "--reencrypt" for `pass init` which seems to
have been dropped in later versions. At least it is not mentioned on
https://git.zx2c4.com/password-store/about/ or on
https://medium.com/@davidpiegza/using-pass-in-a-team-1aa7adf36592. I
/should/ have read the local manpage in addition to the online
documentation ;-)
It is working now:
* for version 1.5: pass init -e id1 id2 # requires -e
* for version 1.7.2: pass init id1 id2 # no need for -e
Cheers
frank
More information about the Password-Store
mailing list