On January 20, 2018 11:05:35 AM EST, Sean Murphy <[email protected]> wrote:
> Is it possible to auto encrypt all password with >multiple gpg subkeys hanging off one primary key? Yes. I do this. The trick is to initiate your password store with each subkey. For instance, in my public key Ox0424DC19B678A1A9, I have the following subkeys (as shown by gpg -K): ssb nistp384/EA49CFDB55D113E9 2014-10-12 [E] [expires: 2018-10-11] ssb ed25519/37B9507ACFF2016E 2014-10-12 [S] [expires: 2018-10-11] ssb elg3200/28FA8B9659A70692 2016-03-07 [E] [expires: 2018-10-11] ssb elg2048/25353D56E26A744C 2014-10-09 [E] [expires: 2018-10-11] ssb elg2048/32483BAF5EA82613 2014-10-10 [E] [expires: 2018-10-11] ssb dsa2048/6B8EB3A065CFBAA9 2014-10-10 [S] [expires: 2018-10-11] ssb dsa2048/0BDB2162F1CE5831 2014-10-09 [S] [expires: 2018-10-11] For password-store, we don't care about signing subkeys (marked with [S]), only encryption ones (marked with [E]). That is, $ gpg -K 0424DC19B678A1A9 | fgrep -e '[E]' ssb nistp384/EA49CFDB55D113E9 2014-10-12 [E] [expires: 2018-10-11] ssb elg3200/28FA8B9659A70692 2016-03-07 [E] [expires: 2018-10-11] ssb elg2048/25353D56E26A744C 2014-10-09 [E] [expires: 2018-10-11] ssb elg2048/32483BAF5EA82613 2014-10-10 [E] [expires: 2018-10-11] So, init the password store with: pass init EA49CFDB55D113E9! 28FA8B9659A70692! 25353D56E26A744C! 32483BAF5EA82613! The ! makes gpg use that exact key, instead of the default encryption key. Is it possible >to eg perform a batch job to ensure that all paawords on my >git server have the dual encryption (as I guess that some clients >such as mobile apps would not have support for working with >multiple keys). pass init will re-encrypt everything to all the listed keys (Of course, make a backup first, just in case). > >Any thoughts/pointers greatly appreciated. > >BR, >Seán. >_______________________________________________ >Password-Store mailing list >[email protected] >https://lists.zx2c4.com/mailman/listinfo/password-store -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
