On Sun, 4 Sep 2016, Johannes Rudolph wrote: > I'm evaluating to use pass for our team with git. I'm not sure I understand > some of the best-practices for using the tool so I wanted to ask for > clarification: > > (1) adding pgp-id's > when I add pgp-id's via pass init OLD NEW, pass does not reencrypt password > files in subdirs (e.g. a/test) - even if those subdirs don't have their own > .gpg-id file. I though pass would automatically assume to use the parent > .pgp-id applies in this case? Am I doing this wrong? > > Same for remove. It works with passwords in the root directory
Hi Johannes, I wrote a wrapper around pass for our team use, which handles a number of additional tasks such as new user setup (key generation, shell integration and GPG agent setup) and onboarding (having an already-authorised user reload the entire store once new users are setup). It makes a number of assumptions about the security model that we have - in particular, we have a shared storage directory with group write permissions - but it might be useful for you. http://git.ucc.asn.au/?p=zanchey/uccpass.git;a=summary David Adam [email protected] _______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
