Hi,

Note: I am the author of pass-tomb.

I agree that pass-tomb has a few drawbacks. The lack of version control support being one of them. However, if you do not share your password-store that should not be a big issue. You can still synchronize your tomb on a server (but not on a git server, yes).

Although it is a technical requirement, in terms of security, I like the fact that the tomb size must be chosen at creation. It is a simple way to hide the actual size of the password store. That said, the default of 10MB might be too small.

Regarding your system, it is not the first proposal of directory name encryption [1]. The new approach here is that it creates a RAM drive. Therefore, as Steve wrote, you end up creating a file system. Meaning, something similar to an open tomb (with less metadata protection though). I think it would end up being a **lot** of work for only git support and various store sizes.

On 11/05/2020 16:21, J Rt wrote:
> Thanks for your message :) I agree that some form of encrypted
> filesystem makes it much simpler, and this is more or less what
> pass-tomb does, right?

It is exactly what pass-tomb does. A tomb is only a dm-crypt volume encrypted with the user gpgid.

> Also, in a sense, relying on an encrypted filesystem means
> that you have a lot of software under your feet, in a sense it is more
> self-contained to just use a few gpg tricks - this argument may be a
> bad / weak one though.

This is actually a feature: use a standard, well-tested encryption system that is already shipped with Linux. It also reduces the length of code to write/maintain.

> I also wonder if it would be nice to have this functionality
> integrated in the 'core' pass.

Neither pass-tomb nor an alternative tool will ever be integrated into pass. Extension support has been made for the whole purpose of keeping pass as small as possible. Furthermore, not everyone needs pass-tomb.

> It is a bit annoying with pass-tomb,
> this means yet-another-package to install, there are several repos on
> github that claim to be pass-tomb so that is confusing, etc. I also
> agree that this is a weak argument though.

There is an official package for Debian (pass-extension-tomb) and many other distributions.

> - a pair of public / encrypted private keys is stored at the root of
> the store. This pair of keys is the 'name hiding' pair. The encrypted
> private key is encrypted using the master gpg key.

I think this is a bad idea, do not play (create) with users' keys in pass.

[1] https://lists.zx2c4.com/pipermail/password-store/2017-February/002700.html

Regards,
Alex
