Wow, that seems really, really useful! I think we will opt for a flat-directory structure for now (e.g. encoding key/usernames like service-user and adding more metadata via the multiline trick as @btober suggested.
I still would like to pose the question of sub-dir handling to the maintainers, e.g. I find it reasonable to assume that subdirs "inherit" the gpg id file from their parent dir if none is found (recursively). Is that something you'd consider changing? I'd look into a PR, but my bash-skillz are seriously lacking. On Mon, Sep 5, 2016 at 12:02 PM, Héctor Rivas Gándara <[email protected]> wrote: > Hi, > > I use this project template for using pass with teams. > https://github.com/keymon/password-store-for-teams > > It has a script to allow have different aliases for different teams (eg > team1-pass in ~/.team1-pass) > > We have each one one gpg key, but you need to reencrypt on changes. > Otherwise you can use a master key or so, shared with all members. But you > are right about reencrypt subdirs. Maybe you can do a script to run pass > init on each occurrence of .gpg-id > > About separated mail/pw, I tend to have 2x different files. I'm general, > each value is a file, because it's easier to script. > > On 4 Sep 2016 21:57, "Johannes Rudolph" <[email protected]> > wrote: > >> I'm evaluating to use pass for our team with git. I'm not sure I >> understand some of the best-practices for using the tool so I wanted to ask >> for clarification: >> >> (1) adding pgp-id's >> when I add pgp-id's via pass init OLD NEW, pass does not reencrypt >> password files in subdirs (e.g. a/test) - even if those subdirs don't have >> their own .gpg-id file. I though pass would automatically assume to use the >> parent .pgp-id applies in this case? Am I doing this wrong? >> >> Same for remove. It works with passwords in the root directory >> >> (2) recording pw-metadata >> We sometimes have metadata for a password, e.g. username + email (the two >> being separate). If I only create the password file with username, where >> can I record the associated email address? >> >> (3) OS X autocompletion >> I installed via brew on OS X. install instructions on website are wrong >> (for me): >> *$ echo "source /usr/local/etc/bash_completion.d/password-store" >> >> ~/.bashrc* >> should be >> *$ echo "source /usr/local/etc/bash_completion.d/password-store" >> >> ~/.bash_profile* >> >> Hope this input is valuable for you as well, looking forward to some >> insight on 1 and 2. Thanks! >> >> Regards, >> Johannes >> >> _______________________________________________ >> Password-Store mailing list >> [email protected] >> http://lists.zx2c4.com/mailman/listinfo/password-store >> >>
_______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
