Supporting use case of having a different GPG key in each device

danolo at danoloan.es danolo at danoloan.es
Sun Dec 4 21:39:52 UTC 2022


Hello all,

I have been thinking of ways of configuring pass on my multiple devices. Currently, I use:
- pass + gpg2 on a Void Linux desktop
- QtPass + Kleopatra on Windows on the same desktop
- QtPass + GNOME Keyring on Fedora on a laptop
- Password Store + OpenKeychain on my Android phone

Transferring a single GPG private key to all my devices is anything but secure, so I thought it could be a good idea to have a single GPG key on each one of my devices. This, however, is anything but scalable right now, as for each new device I have to add the public key of all previously added devices.

I have thought that this may be supported by implementing these two use cases:
- Calling the PGP backend to create a new key when init'ing a new repository
- Calling the PGP backend to create a new key when cloning a repository to a new device
- Fetching currently active public keys in a repository from a public index (such as https://keys.openpgp.org/)

Of course these use cases should be implemented in all clients, but I'm willing to start with pass itself. Do you think it's a good idea?

Thanks & BR

P.S.: I have searched for this topic using a search engine and have not found anything similar, short of a thread about migrating GPG keys.

