pass init continues re-encrypting after incorrect passphrase?
JD Bothma
jbothma at gmail.com
Sat Jan 18 14:23:09 CET 2020
I tried to add a key to a directory using pass init -p apps/someapp
...keys...
I forgot my passphrase and got it wrong three times. Then the passphrase
dialog popped up again and I got it right.
Looking at the output, it didn't encrypt the first file, but it continued
encrypting the other files.
While it's my job to look at the output before pushing changes, it feels
like it would make more sense for pass to exit with an error code after the
first file failed, rather than to prompt again and keep trying for the
remaining files in the directory.
$ pass init -p apps/someapp aaa at gmail.com bbbb at gmail.com
Password store initialized for aaa at gmail.com, bbbb at gmail.com (apps/someapp)
[master f12716d] Set GPG id to aaa at gmail.com, bbbb at gmail.com (apps/someapp).
1 file changed, 1 insertion(+)
apps/someapp/AWS_SECRET_ACCESS_KEY: reencrypting to 0549C9936556A5B6
5AFE80D12EC61626
gpg: decryption failed: No secret key
apps/someapp/DJANGO_SECRET: reencrypting to 0549C9936556A5B6
5AFE80D12EC61626
apps/someapp/POSTGRES_PASSWORD: reencrypting to 0549C9936556A5B6
5AFE80D12EC61626
[master c23fb5b] Reencrypt password store using new GPG id aaa at gmail.com,
bbbb at gmail.com (apps/someapp).
2 files changed, 0 insertions(+), 0 deletions(-)
rewrite apps/someapp/DJANGO_SECRET.gpg (100%)
rewrite apps/someapp/POSTGRES_PASSWORD.gpg (100%)
In this case I actually thought it was succesful and it was going to keep
retrying until I pressed cancel or ctrl+c, but it was actually just
continuing with files one by one.
Is this behaviour intentional?
Best
JD
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20200118/5ad996c7/attachment.html>
More information about the Password-Store
mailing list