pass init does not re-encrypt existing files (SOLVED)

Frank Thommen f.thommen at
Tue Jul 24 19:20:11 CEST 2018

Dear all,

On 07/19/2018 07:48 PM, Frank Thommen wrote:
> Hi,
> In an attempt to use pass for a shared password store @work I tried the 
> instructions given on 
> However even after importing a colleagues' public gpg key, signing it 
> and applying `pass init id1 id2`, existing entries could still not be 
> seen by him:
> $ pass a/b
> gpg: decryption failed: No secret key
> $
> Entries created *after* the additional `pass init` could be read by both 
> users, but not those created beforehand.
> We are using pass 1.5 on CentOS 7 (from EPEL).  GPG is version 2.0.22.
> I'm grateful for any hint on how to re-encrypt also existing files.
> Cheers
> frank

Problem solved: It was a combined issue of RTFM and used pass version. 
The pass version provided by EPEL for CentOS is 1.5, this version has an 
additional switch "-e" or "--reencrypt" for `pass init` which seems to 
have been dropped in later versions.  At least it is not mentioned on or on  I 
/should/ have read the local manpage in addition to the online 
documentation ;-)

It is working now:

   * for version 1.5:   pass init -e id1 id2  # requires -e
   * for version 1.7.2: pass init    id1 id2  # no need for -e


More information about the Password-Store mailing list