On Sun, Feb 05, 2017 at 10:39:52PM +0000, Alexandre Pujol wrote:
Hi all,
They have been a lot of discussions in this ML about the fact that files
and directories names are not encrypted in the password store. Just
check [1] for last year discussion and [2] for this year discussion.
There aren't any good solution yet. Most of the solution proposed are
either not secure or would completely transform pass.
Did you read my latest proposal yet?
https://lists.zx2c4.com/pipermail/password-store/2017-February/002714.html
I think it should be secure, and would not completely transform pass.
pass-tomb [3] is my solution to these issue. It provides a Unix
Philosophy compatible solution to the tree problem in pass. This is a
pass extension providing a convenient solution to put you password
repository in a tomb [4] and then keep your password tree encrypted
when you are not using it. Moreover, it uses the same GPG key to encrypt
passwords and tomb (This is only possible now with the coming support of
GPG key in tomb [5])
[snipped]
This sounds cool - thanks a lot for making it and sharing it! My
first question is: could this work on Android? I see that LUKS has
been ported:
https://github.com/guardianproject/luks/wiki
But I have no idea how easy it would be to integrate into
https://github.com/zeapo/Android-Password-Store
Unfortunately without Android support it's not really useful for me.
My proposal is less sophisticated, but would not introduce any
significant new dependency. (The only new thing it needs to do is
generate SHA-256 digests.)
_______________________________________________
Password-Store mailing list
[email protected]
https://lists.zx2c4.com/mailman/listinfo/password-store
