dump all content

HacKan hackan at gmail.com
Fri Apr 10 16:06:17 CEST 2020


Well, I can't give you that command but here's a "oneliner" that loops
through your pass files and decrypts them:


if mount | grep "on /tmp" | grep "type tmpfs" >/dev/null; then
tmpdir="$(mktemp -d)"; chmod 0700 "$tmpdir"; printf "WARNING: Storing
ALL your passwords DECRYPTED in %s\n" "$tmpdir"; for file in
${files[@]}; do path="${file##/home/$USER/\.password-store/}";
pass_path="${path%%.gpg}"; printf "Decrypting %s...\n" "$pass_path";
printf "%s\n" "$pass_path" >> "$tmpdir/decrypted.txt"; pass "$pass_path"
>> "$tmpdir/decrypted.txt" 2>&1; done; printf "Here's your DECRYPTED
passwords (delete %s afterwards!):\n\n\n" "$tmpdir"; cat
"$tmpdir/decrypted.txt"; else printf "Not a tmpfs! Aborting...\n"; fi;


Huge WARNING: it stores them in a file under a new "random" directory in
/tmp, checking if /tmp is tmpfs first so as to make sure that we are not
writing plain passwords in permanent storage (this is very important!).
Remember to remove said directory once done.

Hope it helps you, cheers!


On 4/10/20 9:34 AM, J Rt wrote:
> Dear all,
>
> I would like to dump a complete copy of my password store for printing
> on paper and archiving in my safe, in full text / un-encrypted format.
> I know this may seem a bit risky but I am not a specially interesting
> target, and this will be in my safe anyways.
>
> Is there a way to do that?
>
> For example, I can issue:
>
> pass show
>
> and this shows the full pass tree:
>
> $ pass show
> Password Store
> ├── Github.com
> │   ├── ID
> │   └── pass
> ├── gmail
> │   ├── pass
> │   └── username
>
> Would it be possible to have a command like for example
>
> pass show all
>
> and it would show:
>
> $ pass show all
> Password Store
> ├── Github.com
> │   ├── ID blabla
> │   └── pass blabla2
> ├── gmail
> │   ├── pass blabla3
> │   └── username blabla4
>
> etc?
>
> I think this would be very useful for the 'casual' user who is not
> under much threat. As this reveals a lot of information, I guess this
> command could print a warning and ask for confirmation, something
> like:
>
> $ pass show all
> This is going to decrypt and show all your data, are you sure you want
> to continue? [yes/no]
>
> Cheers,
>
> JR

-- 
HacKan || Iván
GPG: 0x35710D312FDE468B




More information about the Password-Store mailing list