Supplying GPG key password into Pass command

Steve Gilberd steve at erayd.net
Sat Feb 8 15:11:38 CET 2020


> My ultimate objective is to set up a web server that contains a front-end
application for my Pass store so that I can access my passwords on the fly.

For what it's worth, that seems like quite a risky thing to do. A password
store is a uniquely valuable target, and exposing it via a webapp opens a
significant attack surface that would not otherwise be present. Given that
you're granting the app access to your private key, one flaw may be all it
takes for you to lose the lot.

Is there a reason you don't want to simply access / decrypt entries
locally, and use git to keep everything synchronised? What problem are you
solving with the webapp approach?

Cheers,

Steve Gilberd
Erayd LTD · Consultant
Phone: +64 4 974-4229 · Mob: +64 27 565-3237
PO Box 10019 The Terrace, Wellington 6143, NZ
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20200209/68bfe8f8/attachment.html>


More information about the Password-Store mailing list