Is a PGP-based password manager a good idea in 2019?

Saeed Rasooli saeed.gnu at gmail.com
Sun Sep 1 13:49:01 CEST 2019


You really want to sacrifice native desktop integration (with gpg-agent and
desktop key ring) just because gpg is not very loved?
I don't think most of Linux/Unix users would like that!
If you don't have password on your private key, or you have a very short
password, you are probably making a mistake.

On Sun, Sep 1, 2019 at 3:08 PM Allan Odgaard <lists+pass at simplit.com> wrote:

> On 1 Sep 2019, at 12:24, Allan Odgaard wrote:
>
> Sure, if we re-implement the features currently being used from GPG,
> switching to an alternative would go unnoticed :)
>
> But that feature list also includes key management, for example teams may
> encrypt passwords for multiple recipients and/or with different keys for
> different sub-folders.
>
> It turns out that gopass re-implements GPG including key storage as an
> alternative backend, so you can see what is involved here:
> https://github.com/gopasspw/gopass/tree/master/pkg/backend/crypto/xc
>
> They use protocol buffers as the “file format” (when using this backend).
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20190901/a4586e04/attachment.html>


More information about the Password-Store mailing list