Re: Changing encryption backend (discussion)

2023-01-19 Thread Kjetil Torgrim Homme

On 19/01/2023 10:36, pass-maillingl...@artursterz.de wrote:

the other day I was thinking about whether it might be time to
replace GPG with another backend. age [1]


Even if Pass were to support Age as an alternate backend, why replace
GPG? None of the reasons given is compelling enough for those already
using GPG to switch.


Sure, if you are happy using GPG, why switch to age?
If you are happy using OpenVPN, why switch to WireGuard?
If you are happy using $OLD_CLUNKY_SOFTWARE_WITH_BAD_UX, why switch to a more 
modern approach?

But this is a philosophical discussion, won’t continue it here.


as far as I can tell, age(1) has absolutely no concept which can replace 
web-of-trust (key management in general is ad-hoc), so at this time it 
is not really appropriate as a PGP replacement.


let's hope they add key management in version 2, then I'll take another 
look.


--
Kjetil T. Homme
Redpill Linpro - Changing the game



Re: [PATCH] The pipe to a tail and then head -1 can fail due to a pipefail.

2023-01-18 Thread Kjetil Torgrim Homme

On 18/01/2023 23:46, Judd Montgomery wrote:

From 4b547b5332110c19ebdc8802d1cd628979ade59a Mon Sep 17 00:00:00 2001
From: Judd Montgomery
Date: Wed, 18 Jan 2023 17:32:56 -0500
Subject: [PATCH] The pipe to a tail and then head -1 can fail due to a
 pipefail.

https://stackoverflow.com/questions/22464786/ignoring-bash-pipefail-for-error-code-141
Since sed is used elsewhere in the script, using sed seems simpler and
more performant.


diff --git a/src/password-store.sh b/src/password-store.sh
index 22e818f..8ea4d65 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -388,7 +388,7 @@ cmd_show() {
      echo "$pass" | $BASE64 -d
      else
      [[ $selected_line =~ ^[0-9]+$ ]] || die "Clip
location '$selected_line' is not a number."
-   pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" |
tail -n +${selected_line} | head -n 1)" || exit $?
+   pass=$("$GPG" -d "${GPG_OPTS[@]}" "$passfile" |
sed -n "${selected_line}"p)
      [[ -n $pass ]] || die "There is no password to
put on the clipboard at line ${selected_line}."
      if [[ $clip -eq 1 ]]; then
      clip "$pass" "$path"
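Review bot: the `|| exit $?` dropped from the `pass=` line is what reported a failed decryption; without it an empty result falls through to the `die "There is no password to put on the clipboard at line ..."` check below, which misdiagnoses a `$GPG` failure as a missing line. Since `sed -n "${selected_line}p"` consumes its whole input and cannot provoke EPIPE upstream, the guard can stay: `pass=$("$GPG" -d "${GPG_OPTS[@]}" "$passfile" | sed -n "${selected_line}p") || exit $?`. The `$GPG` to `"$GPG"` quoting change is unrelated to the fix and differs from the removed line; keeping the diff minimal makes it easier to review.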





I'm sorry to say your e-mail client really chewed that up and spat it 
out in mangled pieces.  those are no-break-spaces for the indentation, 
random line breaks thrown in, etc.


--
Kjetil T. Homme
Redpill Linpro - Changing the game



Re: pass show --clip bug

2023-01-18 Thread Kjetil Torgrim Homme

On 18/01/2023 18:22, Judd Montgomery wrote:



the patch looks good to me, much simpler and safer, and guaranteed to
not trigger EPIPE.  you should however move your comments from the patch
into a commit message, I don't think we want history like that in the
script itself.


Is there a way to commit?  I read the contributing section from
https://www.passwordstore.org/. I expected whomever was going to commit
it to remove the comments and only add the line with the sed.


there is no way to commit/push or make a merge request/pull request, no.


   Contributing

This is a very active project with a healthy dose of contributors. The best
way to contribute to the password store is to join the mailing list and send
git formatted patches.


in other words, commit to your local clone, use

  git show --pretty=email COMMITID

and include it in your e-mail.  IIRC Jason prefers the patches to be 
posted inline in the message rather than as attachments.


--
Kjetil T. Homme
Redpill Linpro - Changing the game



Re: pass show --clip bug

2023-01-18 Thread Kjetil Torgrim Homme

On 13/01/2023 04:13, Judd Montgomery wrote:

Hi,

I have a secret that is over 1000 lines long and each line is on average
24 characters.  I noticed that the pass show -c[line-number] option only
works when trying to clip line numbers greater than 850 or so.  Any
line number less than this fails with a return code of 141.  I suspect
this will vary depending on Linux kernel versions, tuning and buffer
sizes and I will try to explain why.

The error code 141 that gets returned in this case is pipefail. At the
top of the pass script is a "set -o pipefail" and that causes the script
to exit in this case.  This happens because the output of a tail command
is piped into a head -n 1 which closes the read pipe as soon as it reads
one line.  If the tail command is not done writing then it fails with a
pipefail (141) because it's writing to a closed pipe.  Normally this is
not noticed or unexpected behavior.  When I show/clip lines near the end
of the file it succeeds because tail is done writing.  If I show/clip
lines early in the file then the tail command gets its pipe "rudely"
shut down ;-)

I am attaching a patch that I tested.  I didn't write a test.

Here is an explanation I initially found
https://stackoverflow.com/questions/22464786/ignoring-bash-pipefail-for-error-code-141



the patch looks good to me, much simpler and safer, and guaranteed to 
not trigger EPIPE.  you should however move your comments from the patch 
into a commit message, I don't think we want history like that in the 
script itself.


--
Kjetil T. Homme
Redpill Linpro - Changing the game



Re: Best practice for multiple-client use keys

2023-01-18 Thread Kjetil Torgrim Homme

On 14/01/2023 10:58, Wolfgang Schildbach wrote:
My question is what are best practices when it comes to (pgp) key 
management in this situation, and the documentation seems fairly light 
in this respect.


 From what I can see, there are two options.

1) Create a different public/private key pair for each machine, and 
encrypt the store for all of them (i.e. pass init with multiple keys).


I have successfully done this but it is an N² problem -- every time a new 
machine is added, its public key needs to be distributed to all the 
different machines. This becomes unwieldy very soon, specifically if you 
take into account that the public keys should really be signed by a 
master key. And if you forget to do a pass git pull/push around the 
operations and need to merge -- specifically with the .gpg-id file -- 
then things become a bit scary.


I have toyed with the idea of setting up a keyserver but discarded that 
for now as it seemed to be more complexity than I was ready for.


There is a simpler version: Add the public key to your pass Git repo so 
it can be easily imported on all the other hosts.  Whether you trust the 
new key explicitly on each host or you sign it using your trusted master 
key is up to you, I guess it will depend on how many hosts there are. 
You need the full set of public keys to do a new pass init, but they 
need to be trusted.


--
Kjetil T. Homme
Redpill Linpro - Changing the game



Re: [PATCH] Add option --flat

2022-07-19 Thread Kjetil Torgrim Homme

On 19/07/2022 11:37, Magnus Sandberg wrote:

Hi,

After a few minutes of manual testing at my shell prompt, I guess this 
one does the same;


find "${PREFIX}" -type f -name '*.gpg' | grep -i "${terms}" \
    | sed -E "s|^${PREFIX}/||" | sed -E 's/\.gpg$//' | sort



Assuming that 'grep -i "${terms}"' would give the same result as
'tree ... -P "${terms%|*}" ...'


I would prefer a version which is not reliant on tree, too.  especially 
since it seems very fragile to try to remove the glyphs used for the 
tree in the output.  (in fact, on my EL7 box, the version of tree 
shipped with the distro is incompatible with pass, so I run find(1) 
manually instead!)


A small point - I think it is better to remove the prefix and .gpg 
suffix before the grep to avoid unwanted matches (e.g., searching for 
"home" :)


--
Kjetil T. Homme
Redpill Linpro AS - Changing the game
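Kjetil's point about stripping before grepping, as an added example rather than the --flat patch itself: both orderings of Magnus's pipeline run over a constructed store whose own directory name contains "home". bash and GNU find/sed/grep are assumed; the function names and the store layout are made up for the demo.

```bash
#!/usr/bin/env bash
# Added example, not the --flat patch itself.  A tree(1)-free flat listing with
# the store prefix and .gpg suffix removed *before* the search term is applied.
# GNU find/sed/grep assumed.

# Entries of store $1 whose pass-name matches the case-insensitive extended
# regex $2, one per line, sorted.  Because the prefix is stripped first, the
# search only ever sees pass-names, never the path of the store itself.
flat_list() {   # $1 = store directory (no trailing slash), $2 = search term
    find "$1" -type f -name '*.gpg' \
        | sed -E "s|^$1/||; s/\.gpg\$//" \
        | grep -iE -- "$2" \
        | sort
}

# Magnus's ordering for comparison: grep on the full path, strip afterwards.
# Every entry matches when the term also occurs in the store path, which is
# the unwanted match Kjetil gives "home" as an example of.
flat_list_grep_first() {   # $1 = store directory, $2 = search term
    find "$1" -type f -name '*.gpg' \
        | grep -iE -- "$2" \
        | sed -E "s|^$1/||; s/\.gpg\$//" \
        | sort
}

# Constructed demo store under $1 whose own directory name contains "home";
# prints the store path.  The .gpg files are empty placeholders, not ciphertext.
make_demo_store() {   # $1 = parent directory
    local store="$1/home-store"
    mkdir -p "$store/job/example.com" "$store/private"
    : > "$store/job/example.com/admin.gpg"
    : > "$store/job/github.com.gpg"
    : > "$store/private/homebank.org.gpg"
    echo "$store"
}

if [[ ${BASH_SOURCE[0]} == "$0" ]]; then
    parent=$(mktemp -d)
    store=$(make_demo_store "$parent")
    echo "strip first, then grep home: $(flat_list "$store" home | tr '\n' ' ')"
    echo "grep home, then strip:       $(flat_list_grep_first "$store" home | tr '\n' ' ')"
    rm -rf "$parent"
fi
```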


Re: [PATCH] clip: add option PASSWORD_STORE_PASTE_ONCE

2022-04-06 Thread Kjetil Torgrim Homme

On 29/03/2022 19:05, Matthias Groß wrote:

If this environment variable is set to "true", the clipboard is cleared
immediately after pasting.

---
I've sent this in before but the first try was a bit chaotic and I never
got feedback. I still consider it a useful feature and rebased it onto
master. However, if silence meant "no", sorry for the noise.


I'm just wondering if this should look at the operation somehow and 
adjust behaviour accordingly.  When doing `pass generate`, you usually 
have to paste the new password twice into the dialog.


--
Kjetil T. Homme
Redpill Linpro - Changing the game


Re: easier selection of passwords

2021-02-17 Thread Kjetil Torgrim Homme
On 17/02/2021 17:28, Alec Hill wrote:
> Hello dear people!  I'm wondering if there are any
> suggestions/solutions/thoughts about easier selection of passwords...
> 
> With dozens of passwords in variously nested directories, it can be
> hard to remember where one lives.  I could spend time better
> organizing my password folder structure and memorizing this...

Sounds like your organization into nested directories is detrimental
rather than helpful.  I keep it simple: I have just two top-level
directories, "job" and "private", and the filenames inside are the
domain names for the places the password is for.  If I need more
accounts on a domain, I let the domain be a directory with one file per
account.

(I also add symlinks manually when there is a less than obvious
connection between the login screen domain and the service name.  I
would definitely like to see an extension to make it easier to create
these - having to "cd ~/.password-store; ln -s foo bar; git add bar; git
commit" is a bit inconvenient.)


-- 
Kjetil T. Homme
Redpill Linpro AS - Changing the game


Re: [PATCH] Suppress tr's stderr in the generate function

2020-12-28 Thread Kjetil Torgrim Homme

On 28/12/2020 14:21, Allan Odgaard wrote:

On 28 Dec 2020, at 11:32, Nicolai Dagestad wrote:


It might be something fishy with my machine, with:
python -c "print('0'*4097)" | tr 0 1 | head -c 10
I get the broken pipe on my laptop, but on none of my other machines 
running arch...


Background:

In the above line `head` reads 10 bytes and then closes its stdin (which 
is stdout for `tr`).


When a program writes to a closed pipe (stdout), it will receive SIGPIPE 
which by default will terminate the process, so normally `tr` will be 
terminated (silently) when nobody reads its output.


The reason for the 4096 bytes is due to buffering, `tr` can successfully 
fill up the buffer before triggering a SIGPIPE signal.


One can set SIGPIPE to be ignored, this will be inherited by a child 
process during fork.


If SIGPIPE is being ignored, then it looks very much like `tr` *will* 
output an error message, as then `fwrite` will fail and output an error 
judging by this code: 
https://github.com/coreutils/coreutils/blob/fb64712c4d79a542bae533034c6c4802eae555fd/src/tr.c#L1585-L1587 



My theory: Someone has set SIGPIPE to be ignored, for the process that 
spawns `pass` (and your test).


A small anecdote about this problem from 15 years ago:  I had a problem 
with the makewhatis cron job starting to emit mail to root about broken 
pipes (thousands of lines).  When I ran the job by hand, it all worked 
fine.  After a reboot, it also worked fine.


After quite a while of headscratching, the cause was found: When RPM 
(actually up2date) ran, it ignored the SIGPIPE signal (in order to close 
the rpmdb cleanly on write error).  If the cron package was updated, the 
cron daemon was restarted, with SIGPIPE still ignored.  Cron did not 
touch signal handlers during startup, so the result was that all cron 
jobs launched thereafter would get this very confusing behaviour.


These days systemd makes sure services are starting in a clean and 
consistent state, so this is less likely to crop up again :-)


--
Kjetil T. Homme
Redpill Linpro - Changing the Game


Re: curious: why use own hosting rather than github?

2020-11-23 Thread Kjetil Torgrim Homme
On 23/11/2020 16:50, Jason A. Donenfeld wrote:
> Generally I sweep the list picking up missing patches when it's time
> to make a new release. Most are skipped, because anybody can write a
> little casual bash, and so the signal-to-noise ratio is not very good.
> But releases do get made, and patches do get incorporated.

yes, but it would be nicer to have a tracker for merge/pull requests, so
we could see what has been rejected and what is still waiting for
consideration.  I currently have three patches in such limbo :-)

 [PATCH] Allow comments in .gpg-id
 [PATCH] add "pass reencrypt" sub command
 [PATCH] Filter out expired signing keys

anyone can make a "fork" or mirror on Gitlab and ask the mailing list to
submit merge requests there, but I don't think it is better for the
community without buy-in from you, Jason.

-- 
Kjetil T. Homme
Redpill Linpro AS - Changing the game


Re: [featurerequest] comments in .gpg-id files

2020-09-29 Thread Kjetil Torgrim Homme
On 2020-09-24 17:02, Arthur Lutz wrote:
> One thing that would be neat (and maybe is already possible) would be to
> have comments in the .gpg-id file to indicate who the key belongs to.
> Going from:
> 
>   cat teamA/.gpg-id
>   0123901293
>   0912385810
> 
> To
> 
>   cat teamA/.gpg
>   # bob
>   0123901293
>   # alice
>   0912385810

we had the same challenge, so I patched this some time ago, see thread
"[PATCH] Allow comments in .gpg-id" from 2019-12-17.

it only accepts comments after the gpg-ids, though.  unfortunately,
Jason has not merged it upstream.  the patch is quite simple:

--- src/password-store.sh
+++ src/password-store.sh
@@ -99,6 +99,7 @@ set_gpg_recipients() {

 local gpg_id
 while read -r gpg_id; do
+gpg_id="${gpg_id%%#*}"# strip comment
 GPG_RECIPIENT_ARGS+=( "-r" "$gpg_id" )
 GPG_RECIPIENTS+=( "$gpg_id" )
 done < "$current"
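Review bot: `gpg_id="${gpg_id%%#*}"` only cuts at the `#`; a line such as `0123901293 # bob` leaves a trailing space in `$gpg_id`, and a comment-only or blank line leaves an empty string, yet both are still appended to `GPG_RECIPIENT_ARGS` as `-r "..."` and to `GPG_RECIPIENTS`. Re-trim after stripping (for example `read -r gpg_id <<< "${gpg_id%%#*}"`, which drops leading and trailing whitespace) and `continue` when the result is empty. As pasted there is also no whitespace between the closing quote and `# strip comment`; bash treats a `#` inside a word as a literal character, so make sure the tab survives in the committed version.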


-- 
Kjetil T. Homme
Redpill Linpro AS - Changing the game





Re: Bug Report

2020-07-05 Thread Kjetil Torgrim Homme

On 05/07/2020 20.53, Vasile Martiniuc wrote:

> you must be doing something different.  have you turned on SIGPIPE
> delivering signals?

I have not turned on SIGPIPE, this is turned on by default in the pass 
script: set -o pipefail


my bad, I forgot pass(1) did this.  you are correct, the code must be 
rewritten to avoid the extra SIGPIPE.


--
Kjetil T. Homme
Redpill Linpro - Changing the Game


Re: Bug Report

2020-07-05 Thread Kjetil Torgrim Homme

On 04/07/2020 01.09, Vasile Martiniuc wrote:

Good afternoon,

This line is wrong:
pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | tail -n
+${selected_line} | head -n 1)" || exit $?

"head -n 1" (or "head -1") exits immediately after reading the first
line. And the "tail" is still writing to the pipe, but there is no
reader because "head" has exited.
It is sent SIGPIPE by the kernel and exits with the status code 141.


why is this wrong?  the exit status of a pipeline is *just* the last 
command, and "head -n 1" exits successfully.


another example:

 : [kjetilho@ranger ~]; echo foo | false | head -1
 : [kjetilho@ranger ~]; echo ${PIPESTATUS[*]}, $?
 141 1 0, 0


You should not use "|| exit". The "${PIPESTATUS[@]}" is "0 141 0" and
the password is not copied to the clipboard if there are more than one
line.
I can't copy passwords if there are more lines (10, 20, 30...).



you must be doing something different.  have you turned on SIGPIPE 
delivering signals?  SIGPIPE should be ignored in most circumstances.


--
Kjetil T. Homme
Redpill Linpro - Changing the Game
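The failure Judd reports in "pass show --clip bug" (2023-01-13) and Vasile reports in this thread, reproduced as an added example that is not code from pass or from any of the posters. The gpg decryption is replaced by a constructed awk generator; bash with pipefail and GNU coreutils (tail, head, sed) are assumed, and the function names are made up.

```bash
#!/usr/bin/env bash
# Added example, not from password-store.sh.  Reproduces the exit status 141
# reported in the "pass show --clip" threads and shows why the sed(1) rewrite
# cannot trip pipefail.
set -o pipefail   # the same setting the pass script enables at the top

# Stand-in for '$GPG -d "${GPG_OPTS[@]}" "$passfile"': a constructed secret of
# 100000 lines (about 1.9 MB), so the writer still has far more than one pipe
# buffer (64 KiB on Linux) to go when the reader exits.  Only the pipeline
# mechanics matter here, not what gpg would print.
fake_decrypt() {
    awk 'BEGIN { for (i = 1; i <= 100000; i++) printf "secret-line-%06d\n", i }'
}

# The original code path.  head -n 1 exits as soon as it has one line, tail is
# killed by SIGPIPE on its next write, and pipefail reports 128 + 13 = 141 for
# the whole pipeline even though head, the last command, succeeded.  Asking for
# the last line succeeds, because tail has nothing left to write (Judd's
# "greater than 850 or so" observation).
select_line_tail_head() {   # $1 = 1-based line number; prints the line, returns the pipeline status
    local pass
    pass="$(fake_decrypt | tail -n +"$1" | head -n 1)"
    local rc=$?
    printf '%s\n' "$pass"
    return "$rc"
}

# The patched code path.  sed reads its input to EOF and prints just the
# selected line, so no upstream command is ever left writing to a closed pipe
# and the pipeline status is that of the decryptor (here: awk) itself.
select_line_sed() {   # $1 = 1-based line number; prints the line, returns the pipeline status
    local pass
    pass="$(fake_decrypt | sed -n "${1}p")"
    local rc=$?
    printf '%s\n' "$pass"
    return "$rc"
}

# Per-command statuses, for comparison with the PIPESTATUS transcript in the
# thread.  Expect something like "141 141 0" for tail_head on an early line
# (both writers killed) and "0 0" for sed.
pipe_statuses() {   # $1 = tail_head | sed, $2 = line number
    if [[ $1 == tail_head ]]; then
        fake_decrypt | tail -n +"$2" | head -n 1 >/dev/null
    else
        fake_decrypt | sed -n "${2}p" >/dev/null
    fi
    echo "${PIPESTATUS[*]}"
}

if [[ ${BASH_SOURCE[0]} == "$0" ]]; then
    for n in 5 100000; do
        select_line_tail_head "$n" >/dev/null && rc=0 || rc=$?
        echo "tail|head    line $n: status $rc, PIPESTATUS $(pipe_statuses tail_head "$n")"
        select_line_sed "$n" >/dev/null && rc=0 || rc=$?
        echo "sed -n ${n}p line $n: status $rc, PIPESTATUS $(pipe_statuses sed "$n")"
    done
fi
```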


Re: `pass git` exit code

2020-06-25 Thread Kjetil Torgrim Homme
On 6/24/20 10:23 PM, robpill...@gmail.com wrote:
> That's a fair point - my main reason for doing it this way was that I
> imagined exiting with the same code as the git command would be more
> useful, so users can treat `pass git [...]` as a transparent wrapper,
> particularly for commands that specify specific exit codes. Happy to
> change it if people would prefer the consistent use of die() / exit code
> of 1.

I would prefer to keep the information from git exit codes intact as
well, but this should be documented in the manual page.  I see there is
no EXIT CODES section today, so there isn't really any documented
behaviour to break.

-- 
Kjetil T. Homme
Redpill Linpro AS - Changing the game





Re: XDG Base Directory Specification

2020-05-14 Thread Kjetil Torgrim Homme

On 14/05/2020 09.28, password-st...@storiepvtride.it wrote:

On 14.05.20 at 07:55, Serpent7776 wrote:


Maybe a good strategy could be to check in this order:

~/.password-store
$XDG_CONFIG_DIR/.password-store

Shouldn't this be:

~/.password-store
$XDG_DATA_HOME/.password-store

As I understand XDG_CONFIG_DIR should contain configuration files. Password
store is data, not configuration - so it should go to XDG_DATA_HOME.


Ah right, you're probably correct here, thanks for pointing that out!


to pick further nits - inside $XDG_DATA_HOME we should not be using 
hidden files, so make it $XDG_DATA_HOME/password-store


you can look at what others do, this should be ~/.local/share when 
XDG_DATA_HOME is not set.  to summarise, this should be the order used:


  $PASSWORD_STORE_DIR
  $HOME/.password-store
  ${XDG_DATA_HOME-$HOME/.local/share}/password-store

if none of these exist, the last value should be used as the default 
place to initialise a password store so new installations are compliant 
with the XDG.


--
Kjetil T. Homme
Redpill Linpro - Changing the Game


Re: pass migrate

2020-04-08 Thread Kjetil Torgrim Homme

On 08/04/2020 14.48, J Rt wrote:

Oooh, sorry I missed this, my bad, and thank you for pointing to this
:) . I think this is exactly what you said: a bit surprising this is
done by the init command. Do you think it would be reasonable to write
a 'thin wrapper' on the init command and call it for example migrate,
with a very easy / rigid syntax, so that n00bs like me do not get
confused and get confident about exactly what they do / how they
migrate? :)



I suggested a patch to implement "pass reencrypt" in January:

Subject: [PATCH] add "pass reencrypt" sub command
Date: Tue, 7 Jan 2020 17:33:56 +0100

it is just slightly different from pass init - i.e. it will use existing 
.gpg-id files.  so in your case, you would have to update .gpg-id 
manually before running the command.  whether this is better/more 
convenient than just running "pass init" I will leave for you to decide. 
 in our use case, we have dozens of keys (belonging to members of our 
team) which give varying access to subfolders, so using "pass init" is 
very awkward when we get a new hire :-)


--
Kjetil T. Homme
Redpill Linpro - Changing the Game


Re: bug: blocking the whole computer in some cases

2020-04-01 Thread Kjetil Torgrim Homme

On 01/04/2020 12.20, Lenz Weber wrote:

The "asking" is done by gpg, pass has no way to check (or prevent) if
any asking is done.


well, pass knows the decrypt failed, so it could ask the user whether it 
should go on to the next file after N failures.



On 4/1/20 12:17 PM, J Rt wrote:

Ok, makes sense.

A 'more sophisticated' way would be to ask only once per key /
smartcard. But I guess this may be too much hassle to implement
compared with the gain.

On Wed, Apr 1, 2020 at 12:10 PM Björn Fries  wrote:

On 01.04.20 at 11:41, J Rt wrote:

- I am using a smartcard for holding my private GPG key

same here


- when calling pass grep without the card, my system is blocked, I can
do nothing to exit.
- both clicking ok and cancel in the question box asking if I can
insert smartcard do not help.

'pass grep' opens every encrypted file to look for the searched pattern.
pass doesn't know you use a smartcard for your private key. Every time
you cancel the question box, pass invokes gpg for the next file and gpg
asks again for your card.


- by contrast when doing a pass show for example without the card,
choosing cancel on the box asking to insert the card aborts and I get
my system back.

Because pass then only invokes gpg once.

Perhaps pass grep should stop after the first failure to decrypt a file,
but I think this would be wrong, as it could be intended that in a
shared passwordstore some files are not encrypted for a part of the
different users.

I would say [WONTFIX].



--
Kjetil T. Homme
Redpill Linpro - Changing the Game


Re: Allow to edit the commit message

2020-03-02 Thread Kjetil Torgrim Homme
On 02.03.2020 17:08, Christian Weiss wrote:
> 
> On 02.03.20 17:02, Kjetil Torgrim Homme wrote:
>> however "pass git commit --amend" will always work
> 
> But this requires that you are very disciplined - would not work for me,
> as I would forget it much too often.
> And in a team shared password store it will become a lot worse. I am
> against forcing humans to do extra steps just to be prepared for a
> restore. My2ct.
> 

that's why I suggested an alias/function so this is done for you.  if
you like, you can call your alias "pass", just prepend the calls to the
pass script inside the function with "command".

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game



___
Password-Store mailing list
Password-Store@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/password-store


Re: Allow to edit the commit message

2020-03-02 Thread Kjetil Torgrim Homme
On 29.02.2020 13:28, Gianluca Recchia wrote:
> I like how pass works overall and the way it integrates with Git is great!
> However, there's one thing that I find slightly annoying: the default
> commit message is often not very descriptive of the change I made to an
> entry and I often find myself having to amend the commit in order to
> change the message.
> 
> I believe it would be an improvement in user experience if the user were
> given the ability to edit the commit message before committing, perhaps
> using the prepare-commit-msg hook to prefill the message buffer with
> what the default message would be, so that the user would only need to
> exit the editor if they're okay with the default message. Alternatively
> this could be optional in the local .gitconfig and overridable only for
> one command through a flag.

I agree with you that it can sometimes be useful to write something
else/more than "Edit password for /system/root using vi."

however "pass git commit --amend" will always work and be a no-op if you
don't change the commit message.  the only downside to this is that your
GPG passphrase has to be re-entered if you don't use a gpg-agent.

in other words, I suggest you make your own alias, something like

  mypass() {
      pass "$@" && {
          case $1 in
              edit|generate)
                  pass git commit --amend
                  ;;
          esac
      }
  }

(for Bourne shell, typed directly into mail program, so it's untested)

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: [PATCH] Filter out expired signing keys

2020-01-08 Thread Kjetil Torgrim Homme

On 07/01/2020 17.27, Kjetil Torgrim Homme wrote:
My pass installation wanted to reencrypt all files every time since the 
list it made of encryption keys associated with public keys included 
invalid (expired, revoked) keys as well as those that should be used.


I turned the logic from a sed expression to a function to make it more 
readable.


actually my checking for usable keys was inaccurate - but to my defense 
so was the code I based the patch on, ie. version 1.7.3


commit 5a52772156b44ef9785e91ab78ab2e1c3b1e510e changes the filtering by 
validity to exclude "i" (invalid), "d" (disabled) and "r" (revoked). 
the problem which motivated my patch was the status "e" for expired.  my 
patch takes the reverse approach and lists what values to allow rather 
than what not to allow.  I don't have a very strong opinion on which 
approach is better.  neither am I sure if it is correct to include keys 
which have unknown or undefined validity.


the inaccuracy alluded to in the introduction refers to field 12, 
capability.  it needs to check for D for disabled and accept capital E 
for encryption.


the new patch uses [[ ]] instead of a sequence of case statements to 
make the logic clearer.  the patch is now relative to master.



commit b037317f547e103b273e63a4d18025eac4a5c34f
Author: Kjetil Torgrim Homme
Date:   Wed Jan 8 18:13:06 2020 +0100

    only use encryption keys which are valid and enabled

    see https://github.com/gpg/gnupg/blob/master/doc/DETAILS#description-of-the-fields

    old version would encrypt to expired keys (field 2) and disabled keys (field 12)

diff --git src/password-store.sh src/password-store.sh
index 77f3eda..eb2e038 100755
--- src/password-store.sh
+++ src/password-store.sh
@@ -105,6 +105,21 @@ set_gpg_recipients() {
done < "$current"
 }

+# Take a list of public key ids and return valid encryption keys 
associated with them

+list_encryption_keys() {
+   $GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "$@" |
+		while IFS=: read f1_type f2_validity f3 f4 f5_keyid f6 f7 f8 f9 f10 
f11 f12_capability fN

+   do
+   if [[ $f1_type == 'sub' && $f2_validity == [-qmfu] ]]; 
then
+   # validity is undefined, marginal, full or 
ultimate
+   if [[ $f12_capability != *D* && $f12_capability 
== *[eE]* ]]; then
+   # not disabled, usable for encryption
+   echo "$f5_keyid"
+   fi
+   fi
+   done | LC_ALL=C sort -u
+}
+
 reencrypt_path() {
local prev_gpg_recipients="" gpg_keys="" current_keys="" index passfile
 	local groups="$($GPG $PASSWORD_STORE_GPG_OPTS --list-config 
--with-colons | grep "^cfg:group:.*")"
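Review bot: in `--with-colons` output the `D` (disabled) marker and the uppercase usable-capability letters such as `E` are emitted in field 12 of the `pub` record only; `sub` records carry just the subkey's own lowercase letters. Inside the `$f1_type == 'sub'` branch, `$f12_capability != *D*` therefore never excludes anything and `*[eE]*` is effectively `*e*`, so the "disabled keys (field 12)" case from the commit message is not actually handled. Remember the disabled state when the `pub` line is read (e.g. `[[ $f1_type == pub ]] && { disabled=0; [[ $f12_capability == *D* ]] && disabled=1; }`) and skip the following `sub` lines while it is set. The trailing `fN` on the `read` is right: it keeps field 12 from absorbing the rest of the record.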

@@ -125,7 +140,7 @@ reencrypt_path() {
 IFS=";" eval 'GPG_RECIPIENTS+=( $group )' # 
http://unix.stackexchange.com/a/92190

unset "GPG_RECIPIENTS[$index]"
done
-			gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons 
"${GPG_RECIPIENTS[@]}" | sed -n 
's/^sub:[^idr:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' 
| LC_ALL=C sort -u)"

+   gpg_keys="$(list_encryption_keys 
"${GPG_RECIPIENTS[@]}")"
fi
 		current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v 
--no-secmem-warning --no-permission-warning --decrypt --list-only 
--keyid-format long "$passfile" 2>&1 | sed -n 's/^gpg: public key is 
\([A-F0-9]\+\)$/\1/p' | LC_ALL=C sort -u)"




--
Kjetil T. Homme
Redpill Linpro - Changing the Game

[PATCH] add "pass reencrypt" sub command

2020-01-07 Thread Kjetil Torgrim Homme
I was surprised to find there was no command to reencrypt a pass 
installation without specifying the key ids manually to pass init.  The 
code is basically there already, so this patch adds a "reencrypt" 
command (basically a copy of "init" with less code) which will use the 
correct .gpg-id files for each sub directory.



diff --git bin/pass bin/pass
index b17ec580e..c10680f97 100755
--- bin/pass
+++ bin/pass
@@ -264,6 +279,8 @@ cmd_usage() {
$PROGRAM init [--path=subfolder,-p subfolder] gpg-id...
Initialize new password storage and use gpg-id for encryption.
Selectively reencrypt existing passwords using new gpg-id.
+   $PROGRAM reencrypt [--path=subfolder,-p subfolder]
+	Selectively reencrypt existing passwords based on updated 
.gpg-id files.

$PROGRAM [ls] [subfolder]
List passwords.
$PROGRAM find pass-names...
@@ -349,6 +366,27 @@ cmd_init() {
 	git_add_file "$PREFIX/$id_path" "Reencrypt password store using new 
GPG id ${id_print%, }${id_path:+ ($id_path)}."

 }

+cmd_reencrypt() {
+   local opts id_path=""
+   opts="$($GETOPT -o p: -l path: -n "$PROGRAM" -- "$@")"
+   local err=$?
+   eval set -- "$opts"
+   while true; do case $1 in
+   -p|--path) id_path="$2"; shift 2 ;;
+   --) shift; break ;;
+   esac done
+
+	[[ $err -ne 0 || $# -gt 0 ]] && die "Usage: $PROGRAM $COMMAND 
[--path=subfolder,-p subfolder]"

+   [[ -n $id_path ]] && check_sneaky_paths "$id_path"
+	[[ -n $id_path && ! -d $PREFIX/$id_path && -e $PREFIX/$id_path ]] && 
die "Error: $PREFIX/$id_path exists but is not a directory."

+
+# set_git does a dirname operation, so trailing slash is needed
+   set_git "$PREFIX/$id_path/"
+
+   reencrypt_path "$PREFIX/$id_path"
+	git_add_file "$PREFIX/$id_path" "Reencrypt password store using 
updated .gpg-id files."

+}
+
 cmd_show() {
local opts selected_line clip=0 qrcode=0
opts="$($GETOPT -o q::c:: -l qrcode::,clip:: -n "$PROGRAM" -- "$@")"
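Review bot: a path that does not exist passes the checks in this hunk: `[[ -n $id_path && ! -d $PREFIX/$id_path && -e $PREFIX/$id_path ]]` only rejects an existing non-directory, so a mistyped `--path` goes on to `set_git` and `reencrypt_path` on a missing directory. Unlike `cmd_init`, this command creates nothing, so add `[[ -d $PREFIX/$id_path ]] || die "Error: $PREFIX/$id_path is not a directory."` (it also covers the empty `$id_path` case, where the test becomes `-d $PREFIX/`). Style: the `# set_git does a dirname operation` comment sits at column 0 while the rest of the body is tab-indented.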
@@ -688,6 +726,7 @@ COMMAND="$1"

 case "$1" in
init) shift;cmd_init "$@" ;;
+   reencrypt) shift;   cmd_reencrypt "$@" ;;
help|--help) shift; cmd_usage "$@" ;;
version|--version) shift;   cmd_version "$@" ;;
show|ls|list) shift;cmd_show "$@" ;;

--
Kjetil T. Homme
Redpill Linpro - Changing the Game


[PATCH] Filter out expired signing keys

2020-01-07 Thread Kjetil Torgrim Homme
My pass installation wanted to reencrypt all files every time since the 
list it made of encryption keys associated with public keys included 
invalid (expired, revoked) keys as well as those that should be used.


I turned the logic from a sed expression to a function to make it more 
readable.



--
Kjetil T. Homme
Redpill Linpro - Changing the Game
diff --git bin/pass bin/pass
index b17ec580e..6bf21d6a9 100755
--- bin/pass
+++ bin/pass
@@ -108,6 +108,24 @@ set_gpg_recipients() {
 	done < "$current"
 }
 
+# Take a list of public key ids and return valid encryption keys associated with them
+list_encryption_keys() {
+	$GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "$@" |
+		while IFS=: read f1_type f2_validity f3 f4 f5_keyid f6 f7 f8 f9 f10 f11 f12_capability
+	do
+		[[ $f1_type = 'sub' ]] || continue
+		case $f2_validity in
+			[-qmfu])
+: ;;  # undefined, marginal, full, ultimate validity
+			*)
+continue ;; # expired, invalid, disabled, etc.
+		esac
+		case $f12_capability in
+			*e*) echo "$f5_keyid" ;; # usable for encryption
+		esac
+	done | LC_ALL=C sort -u
+}
+
 reencrypt_path() {
 	local prev_gpg_recipients="" gpg_keys="" current_keys="" index passfile
 	local groups="$($GPG $PASSWORD_STORE_GPG_OPTS --list-config --with-colons | grep "^cfg:group:.*")"
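
Review bot: the subject says "signing keys" but the function filters encryption subkeys (`*e*` on the capability field), so retitle the patch "Filter out expired encryption subkeys". In the loop, use `read -r` like the rest of the script, and note that `[[ $f1_type = 'sub' ]]` still skips an encryption-capable primary key (a `pub` line with `e` in its capability field); that matches the sed being replaced, but deserves a comment. Validity `-` (unknown) and `q` (undefined) are accepted by `[-qmfu]`, again as before, so the "valid encryption keys" wording in the comment is a little generous.
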
@@ -127,7 +145,7 @@ reencrypt_path() {
 IFS=";" eval 'GPG_RECIPIENTS+=( $group )' # http://unix.stackexchange.com/a/92190
 unset "GPG_RECIPIENTS[$index]"
 			done
-			gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/^sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)"
+			gpg_keys="$(list_encryption_keys "${GPG_RECIPIENTS[@]}")"
 		fi
 		current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | sed -n 's/^gpg: public key is \([A-F0-9]\+\)$/\1/p' | LC_ALL=C sort -u)"
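
Review bot: one behavioural consequence is worth a line in the commit message: a file currently encrypted to a subkey that has since expired still shows that ID in `current_keys` but no longer in `gpg_keys`, so the next `pass init` rewrites (and commits) every such file once, after which the mismatch is gone; that is the intended fix, but it can touch a lot of files in one commit. The two sides of the comparison stay like-for-like: field 5 of a `sub:` line is the long key ID, and `--keyid-format long` makes the `gpg: public key is` lines print the same form.
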
 


Re: [PATCH] Allow comments in .gpg-id

2019-12-18 Thread Kjetil Torgrim Homme

On 18/12/2019 11.39, Rune Juhl Jacobsen wrote:
Ouch, it seems like my editor ate a newline in the diff; sorry. 
Hopefully this works better...



diff --git a/src/password-store.sh b/src/password-store.sh
index 77f3eda..ce3f7fb 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -99,7 +99,7 @@ set_gpg_recipients() {
verify_file "$current"
  
local gpg_id

-   while read -r gpg_id; do
+  grep -Eo '^[^#]+' | grep -Ev '^\s*$' | while read -r gpg_id; do
  GPG_RECIPIENT_ARGS+=( "-r" "$gpg_id" )
  GPG_RECIPIENTS+=( "$gpg_id" )
done < "$current" 
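
Review bot: the `while` is now the tail of a pipeline, so it runs in a subshell and the `GPG_RECIPIENT_ARGS+=` / `GPG_RECIPIENTS+=` appends are lost when the pipeline ends; set_gpg_recipients would return empty arrays. The `< "$current"` kept at `done` also redirects the `while` itself, so the loop reads the file directly while the two greps wait on the script's stdin. Keep `while read -r gpg_id; do ...; done < "$current"` and filter inside the loop instead. `grep -o` and `\s` are GNU extensions besides.
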


grep -o is very useful, but not portable (not in POSIX).

https://pubs.opengroup.org/onlinepubs/009695399/utilities/grep.html


"Amir Yalon"  writes:


It may be simpler to do gpg_id="${gpg_id%%#*}" instead. 


indeed, that is much simpler and more sensible!  why didn't I think of 
that :-)


--- src/password-store.sh
+++ src/password-store.sh
@@ -99,6 +99,7 @@ set_gpg_recipients() {

local gpg_id
while read -r gpg_id; do
+   gpg_id="${gpg_id%%#*}"# strip comment
GPG_RECIPIENT_ARGS+=( "-r" "$gpg_id" )
GPG_RECIPIENTS+=( "$gpg_id" )
done < "$current"
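
Review bot: a comment-only line becomes an empty string after `gpg_id="${gpg_id%%#*}"` but still reaches the two `+=` lines, so gpg is handed `-r ""`; add `[[ -n $gpg_id ]] || continue` right after the strip, which also skips blank lines. Whitespace before the `#` survives too (`KEYID   # alice` becomes `KEYID   `), so trim it, e.g. `gpg_id="${gpg_id%"${gpg_id##*[![:space:]]}"}"`. As shown here the `# strip comment` is glued to the closing quote, probably a tab lost in transit; bash only starts a comment at the beginning of a word, so make sure there is whitespace before the `#`.
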


--
Kjetil T. Homme
Redpill Linpro - Changing the Game


Re: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit

2019-11-28 Thread Kjetil Torgrim Homme
Den 28.11.2019 12:14, skreiv Jason A. Donenfeld:
> Do you have any other examples of EDITOR being eval'd in this manner?
> 

I agree with your skepticism.  It is best if pass(1) handles $EDITOR
like other scripts do; I'm wary of breaking other people's setup.

I would write a trivial wrapper ~/bin/vimsecure and use that as my
$EDITOR, or even simpler, use EDITOR=vi :)

'shelltemp' 'stmp'  boolean (Vi default off, Vim default on)
global
{not in Vi}

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game



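
One way to write the wrapper suggested in the reply, as an added example that is not part of pass or of the message: it starts Vim with the options that keep the decrypted text out of swap, viminfo, backup, undo and shell-filter temporary files (the 'shelltemp' option quoted at the end of the message). The script name vimsecure comes from the reply; the option set and the function names are this example's own choices.

```shell
#!/bin/sh
# vimsecure: a hypothetical $EDITOR wrapper for "pass edit". Added example,
# not part of pass or Vim. It keeps Vim from leaving plaintext anywhere but
# the temporary file pass hands it: no swap file, no viminfo, no backup or
# undo files, and no temp file for ":!" filter commands ('shelltemp').

# The :set string lives in one place so the inspectable option list and the
# real invocation cannot drift apart.
VIMSECURE_SET='set nobackup nowritebackup noundofile noshelltemp'

# Options Vim is started with, one per line, so the list can be checked
# without launching an editor:
#   -n        never create a swap file
#   -i NONE   neither read nor write a viminfo file (registers, search history)
#   -c ...    the :set above, run once the file is loaded
vimsecure_opts() {
    printf '%s\n' -n -i NONE -c "$VIMSECURE_SET"
}

# Number of option words; handy for a sanity check.
vimsecure_opt_count() {
    vimsecure_opts | wc -l | tr -d ' '
}

# Replace this process with Vim. "--" stops a temp file name that happens to
# start with "-" from being read as an option.
vimsecure() {
    [ "$#" -ge 1 ] || { echo 'usage: vimsecure FILE...' >&2; return 2; }
    exec vim -n -i NONE -c "$VIMSECURE_SET" -- "$@"
}

# Act as the editor only when files were given; with no arguments the script
# merely defines the functions above.
if [ "$#" -gt 0 ]; then
    vimsecure "$@"
fi
```

Install it as ~/bin/vimsecure, make it executable and export EDITOR=vimsecure; pass edit then calls it with the path of the temporary file. The same settings could live in a vimrc autocmd, but a wrapper does not depend on the editor configuration being in place on every host you run pass on.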


Re: What to do when someone leaves a team?

2018-11-08 Thread Kjetil Torgrim Homme
On 11/8/18 4:28 PM, HacKan wrote:
> Simply issue pass init again with the
> new keylist, that's it :)

not really, since the person who left the team can check out an old copy
of the repository and use the key which was valid at that time to
decrypt all passwords.

I am afraid all passwords must be changed to be sure.  of course this
will always be true - that person could even have printed the passwords
and put them in a bank vault, where you can not get hold of them to
destroy the copy.

-- 
Kjetil T. Homme
Redpill Linpro AS - Changing the game



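
As an added example (not pass's own code) that ties this reply to the reencrypt patch earlier on the page: a script that lists which entries in the store still name a given key as a recipient, using the same `gpg -v --decrypt --list-only` trick pass's reencrypt_path uses. It does nothing about copies that already left, which is the reply's point, but it confirms that a `pass init` with the new key list did not miss anything in the tree you have. The function names and the sample gpg output are this example's own constructions; it assumes gpg is on PATH and the store lives in PASSWORD_STORE_DIR or ~/.password-store.

```shell
#!/bin/sh
# Added example, not pass's own code: list store entries that still name a
# given key as a recipient, e.g. the key of someone who has left the team.
# Recipients are read the way pass's own reencrypt_path does it:
# "gpg -v --decrypt --list-only" prints one "gpg: public key is <KEYID>" line
# per recipient and decrypts nothing. Assumes gpg on PATH, long (16 hex
# digit) key IDs, and the store in $PASSWORD_STORE_DIR or ~/.password-store.

# Reduce gpg's stderr chatter on stdin to a sorted, unique list of key IDs.
recipient_keys() {
    sed -n 's/^gpg: public key is \([A-F0-9][A-F0-9]*\)$/\1/p' | LC_ALL=C sort -u
}

# Recipient key IDs of one encrypted file.
file_recipients() {
    LC_ALL=C gpg ${PASSWORD_STORE_GPG_OPTS:-} --no-secmem-warning --no-permission-warning \
        -v --decrypt --list-only --keyid-format long "$1" 2>&1 | recipient_keys
}

# Print every entry under the store (relative, without .gpg) whose recipients
# include key $1. .git is pruned so history and git-annex objects are skipped.
stale_entries() {
    store=${PASSWORD_STORE_DIR:-$HOME/.password-store}
    find "$store" -name .git -prune -o -name '*.gpg' -type f -print |
    while IFS= read -r f; do
        if file_recipients "$f" | grep -qx "$1"; then
            f=${f#"$store"/}
            printf '%s\n' "${f%.gpg}"
        fi
    done
}

# Constructed sample of gpg's output for a file encrypted to two keys; one ID
# appears twice to show the de-duplication.
SAMPLE_GPG_OUTPUT='gpg: encrypted with 4096-bit RSA key, ID 0123456789ABCDEF, created 2016-01-01
gpg: public key is 0123456789ABCDEF
gpg: encrypted with 4096-bit RSA key, ID FEDCBA9876543210, created 2017-06-30
gpg: public key is FEDCBA9876543210
gpg: public key is 0123456789ABCDEF'

# usage: ./pass-stale.sh 0123456789ABCDEF    (exit 1 if any entry still lists it)
if [ "$#" -eq 1 ]; then
    stale=$(stale_entries "$1")
    [ -z "$stale" ] || { printf '%s\n' "$stale"; exit 1; }
fi
```

Run it with the departed person's long key ID after the re-encrypt; a non-empty listing means the tree still contains files that must be re-encrypted (and, per the reply, whose passwords should be rotated regardless).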


Re: [PATCH] Add support for XKCD-style wordlist passwords

2018-10-30 Thread Kjetil Torgrim Homme
Den 30. okt. 2018 12:10, skreiv Matthieu Weber:
> On Tue, 30 Oct 2018 at 10:33AM +0100, Kjetil Torgrim Homme wrote:
>> yes, but sometimes you need to enter this password by hand.  I use horse
>> battery passwords when I might need to enter the password on a mobile
>> phone or on a console in a chilly data centre in the middle of the
>> night.  both of these will often have problems with strange characters
>> or keyboard layouts (is "&" on Shift 6 or Shift 7?  since there is often
>> no echo, there is no way to be sure!)
> 
> So you want passwords that are easy to type: generate passwords that are
> made entirely of lowercase letters, all you need is 40% more characters
> to have the same entropy as a password made of alphanumerics+symbols
> i.e., 11 characters instead of 8. They will be easy enough to type even
> on exotic keyboards, and can be generated using only tools that pass
> uses already. All you need is to add to “pass generate” an option to
> reduce $CHARACTER_SET to [:lower:].

it is not easy to type wahseepienoofac on a mobile phone, IMHO.  but
adding periods (not hyphens!  the key moves around) will help - not for
entropy, but to make it easier to read and track how far I've gotten:

  wah.see.pie.noo.fac

(I just realised I am lucky that I never have qwertz or azerty in my
environment...  that would reduce the number of available letters to 21,
ertuiop/sdfghjkl/xcvbnm, by my count.  digits, comma and period brings
the total to 33.)

>> average length of 13 characters.  this doesn't really help entropy,
>> though.  489533 distinct words give 18.9 bits of entropy each, so the
>> above pass phrases (of four words) have 75 bits, or 5.74e+22.  still not
>> a huge amount, but the attacker would have to know that this is the
>> method I use to make pass phrases to successfully reduce his search space.
> 
> You can get 75 bits of entropy with 16 lowercase letters or 14
> mixed-case letters. That is surely easier to type than your example.

it really depends on your keyboard and brain :-)

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: Get n, n1, n2 from password

2018-06-29 Thread Kjetil Torgrim Homme
On 06/29/2018 12:51 PM, Ben Oliver wrote:
> On 18-06-29 11:37:04, Steve Harriss wrote:
>> Is there any value in enabling pass to get just 3, or more, specific
>> characters from a password and just displaying them?
>>
>> A lot of banking sites now ask for specific numbered characters and,
>> in a longer password it can be challenging to get the 6th, 12th and 18th.
> 
> I have this exact use case too. Would be cool to be able to do this.
> 
> Out of interest, what would be the best way of doing it on the CLI anyway?

I've never seen this security "feature", but you can use cut(1) to do this:

  $ echo 1234567890 | cut -c2,4,7-9
  24789

-- 
Kjetil T. Homme
Redpill Linpro AS - Changing the game





Re: List all the passwords cleartext in a comprehensive way

2018-05-25 Thread Kjetil Torgrim Homme
Den 24. mai 2018 14:10, skreiv commentsab...@riseup.net:
> I have been using pass for years, my password stores contains over 500
> passwords and I would like to review them (I know that some of them are
> weak and/or old).
> 
> Is there an efficient way to do it?

"pass grep ." will do the trick, but the output format is different from
your desired tree.

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: [PATCH] Check command to ensure basic sanity

2017-11-23 Thread Kjetil Torgrim Homme
Den 22. nov. 2017 20:56, skreiv Jaseem Abid:
> I recently noticed that I could not decrypt some files in the password store
> because I no longer had access to the keys. I also had some corrupt files. 
> This
> command adds some basic sanity checks to the password store and prints out 
> files
> it cannot successfully decrypt.
> 
> Exits 0 if everything is OK. Prints failed files and then exists with 1
> otherwise. Takes no arguments.
> 
> Code adapted from grep command with minor modifications.
> 
> If the basic approach is OK, I'll be happy to add tests, completion and
> documentation.

I like the idea, but this is a bit simplistic.  you might not be granted
access to all the files in the tree, so you should check against .gpg-id
as well.

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: Symlinked files appear every search result

2017-10-16 Thread Kjetil Torgrim Homme
Den 12. okt. 2017 15:04, skreiv Allan Odgaard:
> On 12 Oct 2017, at 14:13, Daniel Marks wrote:
> 
> […] when I search for anything those links appear in every search
> result no matter what the search term is.
> 
> The issue seems to be with tree. The manual says:
> 
>   By default, when a symbolic link is encountered, the path that the
>   symbolic link refers to is printed after the name of the link in the
>   format: name -> real-path. If the `-l' option is given and the symbolic
>   link refers to an actual directory, then tree will follow the path of
>   the symbolic link as if it were a real directory.
> 
> The pass command uses --prune to suppress empty directories, but it
> seems these symbolic links are not pruned.
> 
> Interestingly though, without the -l option (to follow symbolic links
> to folders) tree *will* omit the symbolic link info.
> 
> So as a workaround, you can remove -l from the call to tree.

thank you for this research.

I would like to see that change happen upstream.  I don't think the
duplication of output for every path to a named key is useful (the
intended(?) consequence of traversing symlinks to directories), and the
bogus (non-matching) output for file symlinks is just confusing.

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: [PATCH] Don’t reencrypt data not managed by pass.

2017-02-01 Thread Kjetil Torgrim Homme
Den 25. jan. 2017 09:14, Sebastian Reuße skreiv:
> When keeping the password-store under git, it can make sense using a git
> extension such as git-annex instead of the native git object store to
> store the encrypted files. Inter alia, this allows one to selectively
> expire old copies of the encrypted data, while otherwise, one would need
> to recreate the complete repository when a key should no longer have
> access to some of the data.

if someone had access in the past, they had access to make a clear text
copy of everything if they wanted to.  if you worry about this, you need
to change all passwords, and who cares if they still have access to
outdated passwords through old revisions of the repository.  I don't
think it makes much sense to rewrite history.

> Since using the git-annex object store means that *.gpg files (and
> directories named *.gpg) are kept under .git/… (non-writable), the
> reencryption logic used by pass currently fails. To remedy this, we now
> ignore everything kept under .git when looking for files to reencrypt or
> when grepping.

I see no reason to look inside .git/ anyway, so by all means :)

> - done < <(find "$1" -iname '*.gpg' -print0)
> + done < <(find "$1" -path '*/.git' -prune -o -iname '*.gpg' -print0)

simpler and more portable to use "-name .git" (although -iname and
-print0 are not POSIX either).

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: Attachments (arbitrary files) in pass entries?

2017-01-25 Thread Kjetil Torgrim Homme
Den 25. jan. 2017 01:11, Marin Usalj skreiv:
> Maybe you can just encrypt it with gpg and store in the same file
> structure?
> One option is to gpg it with --armor and store in the same file, other
> option is to just create a separate file next to it.
> 
> Encrypt:
> $ gpg2 --output encrypted.gpg --compress-algo zlib --symmetric
> yourfile.png
> 
> Decrypt:
> $ gpg2 --output decrypted.png --decrypt encrypted.gpg


should be simple to implement a "pass store idcard.png work/office"
which adds the file as work/office/idcard.png.gpg to your password
repository, and a corresponding "pass view work/office/idcard.png" which
decrypts the file to (reasonably) secure tmpfs and launches xdg-open
(Linux) or similar for other platforms.

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: [PATCH] stop using pwgen

2017-01-04 Thread Kjetil Torgrim Homme
Den 02. jan. 2017 08:43, Dahlberg, David skreiv:
> Am Sonntag, den 18.12.2016, 18:21 +0100 schrieb Jason A. Donenfeld:
>> On Sun, Dec 18, 2016 at 4:19 PM, Antoine Beaupré  wrote:
>>> /dev/urandom doesn't seem to exist in OpenBSD, as far as I could tell
>>> when i did my research, but I don't have an OpenBSD box on hand to
>>> test this either.
>>
>> Can anybody confirm or deny this assertion?
> 
> All /dev/[asu]?random devices do and are the same.
> http://man.openbsd.org/OpenBSD-current/man4/random.4

I don't think that manual page was very enlightening, but this
discussion sheds more light on urandom's behaviour:

[https://news.ycombinator.com/item?id=8034265]

/dev/(u)random on BSD actually blocks until it has collected
enough entropy to get going, and doesn't block thereafter.

in other words, for pass(1) usage, /dev/urandom works just fine on OpenBSD.

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: Displaying passwords as QR codes

2016-12-26 Thread Kjetil Torgrim Homme
On 2016-12-26 12:36, Martin Weis wrote:
> On 25.12.2016 02:52, Kjetil Torgrim Homme wrote:
>> just a note: Control-L will clear the terminal (surprisingly many people
>> I have met haven't discovered/learnt this.)
> 
> Here, it does *not* clean the terminal (gnome-terminal/Ubuntu). It just
> resets cursor to top of window. Even two times does nothing more, you
> can still scroll up and everything is readable (and therefore in RAM,
> too). OK, this may be a bugged terminal application...

interesting!  I didn't realise this.  I can confirm that ^L in
gnome-terminal just scrolls the contents of the windows up.  I don't
think that is a bug, it is actually more convenient that way.

the workaround is to add less to the pipeline (and make sure you run
less without -X of course).

-- 
Kjetil T. Homme
Redpill Linpro AS - Changing the game





Re: Displaying passwords as QR codes

2016-12-24 Thread Kjetil Torgrim Homme
On 2016-12-22 06:06, Corey Moncure wrote:
> My reason for going with the graphical display was that I suspected
> gimmick terminal color settings in a graphical desktop, such as odd
> fonts or transparency, could interfere with the legibility of the
> output.  I had only looked at the -t ascii mode, not -t ansi, which is
> superior.  

"-t utf8" is even better, at least in my terminal, since it uses fewer
rows and easily fit within 80x24.  I'd add "-m 2" as well.

> The only benefits of the PNG approach are that the output ought to look
> the same regardless of the environment, and the display window is
> cleared very conveniently by pressing .  The drawbacks are that it
> only works in a graphical windowing environment and the additional
> dependency on ImageMagick.

an ephemeral graphical window would be nice, and testing for $DISPLAY is
simple enough (assuming X11).

> With -t ansi, it is possible, but very unlikely, that terminal color
> settings would result in an unreadable output.  The whole screen must
> be cleared if you want the output to go away.  On the other hand, no
> dependency and it works in plain old ttys.

just a note: Control-L will clear the terminal (surprisingly many people
I have met haven't discovered/learnt this.)


-- 
Kjetil T. Homme
Redpill Linpro AS - Changing the game





Re: [PATCH] stop using pwgen

2016-12-20 Thread Kjetil Torgrim Homme
Den 18. des. 2016 00:40, Antoine Beaupré skreiv:
> here are the ones I know of:
> 
> * head -c $ENTROPY | base64 | tr -d '=\n'
> * pwqgen - uses a wordlist and a specified entropy level
> * diceware - uses a wordlist and dicerolls (or /dev/random)
> 
> the latter two are meant to be "human-memorable". i am not sure that
> should be a goal of pass: the whole point of a password manager is to
> *not* have to remember passwords. making passwords memorable makes them
> weaker and easier to bruteforce, and should be avoided in our use case.

human-memorable also means human-typable.  sometimes you have to enter
passwords by hand, on a mobile phone, or on a console in a cold data
centre.  for the former, pass phrases are easier (you may even get help
from auto-correct ;), for the latter, a fourth category is useful:
keyboard layout agnostic passwords.  don't you hate it when you need to
enter a ";" in the password and you have no idea if you should press the
Ø-key or Shift-comma?

base64-encoded passwords fail both these use cases.  (all of /, + and =
move around.  even azy/qwz do ...)

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game



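
An added example, not pass's own code, for the "keyboard layout agnostic" category argued for here and in the 2018 thread higher up the page (where the entropy arithmetic comes from): a generator built from what pass generate already relies on, /dev/urandom, tr and head, plus awk for the entropy maths. The alphabet is this example's assumption; the 2018 post counts 21 letters, but 'm' sits on the home row on AZERTY, so it is dropped here, and digits and punctuation are left out because the AZERTY digit row needs Shift.

```shell
#!/bin/sh
# Added example, not pass's own code: generate a password that can be typed
# blind on a console whatever keyboard layout it has, and say how much
# entropy it carries.

# Letters that sit on the same key on QWERTY, QWERTZ and AZERTY: the 2018
# post's list minus 'm', which AZERTY puts on the home row next to 'l'.
# Digits and punctuation are left out: on AZERTY the digit row needs Shift
# and ',' and '.' move. This set is this example's assumption; check it
# against the layouts you actually have to type on.
LAYOUT_SAFE='ertuiopsdfghjklxcvbn'

# Entropy in bits of $2 characters drawn uniformly from $1 symbols.
entropy_bits() {
    awk -v n="$1" -v l="$2" 'BEGIN { printf "%.1f\n", l * log(n) / log(2) }'
}

# Smallest length that reaches $2 bits with an alphabet of $1 symbols.
length_for_bits() {
    awk -v n="$1" -v b="$2" \
        'BEGIN { l = b / (log(n) / log(2)); printf "%d\n", (l == int(l)) ? l : int(l) + 1 }'
}

# Draw $2 characters from alphabet $1. tr -dc discards every byte outside the
# alphabet, so each kept character is uniform (rejection sampling), the same
# way pass generate does it.
gen_password() {
    LC_ALL=C tr -dc "$1" < /dev/urandom | head -c "$2"
    echo
}

# Split the password on stdin into dot-separated groups of $1 characters so
# progress is easy to track when typing blind. The dots add no entropy, and
# '.' is not in the alphabet, so the grouping is unambiguous.
chunk() {
    fold -w "$1" | paste -s -d . -
}

# usage: ./layout-safe-pw.sh 75    (75 bits is the figure from the 2018 thread)
if [ "$#" -eq 1 ]; then
    n=${#LAYOUT_SAFE}
    len=$(length_for_bits "$n" "$1")
    pw=$(gen_password "$LAYOUT_SAFE" "$len")
    printf '%s  (%d chars, %s bits)\n' \
        "$(printf '%s\n' "$pw" | chunk 4)" "$len" "$(entropy_bits "$n" "$len")"
fi
```

With 20 symbols each character is worth about 4.3 bits, so 75 bits needs 18 characters; the same arithmetic gives 75.2 bits for 16 lowercase letters, the figure quoted in the 2018 exchange.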


Re: Protect .gpg-id

2016-12-19 Thread Kjetil Torgrim Homme
Den 07. des. 2016 17:52, Emile Cantin skreiv:
> As Brian said, in that particular case, I think Alice and Bob should use
> a repo where Eve doesn't have access, or at least write access.
> 
> I think the key here is that 'pass init' reads and re-encrypts
> everything with the new key(s), but Eve didn't actually use 'pass init'
> but did it manually (because she can't read the files). This leads to a
> situation where files in the directory are encrypted with a different
> set of keys than the ones present in .gpg-id, which might be detectable.
> Perhaps we can try to detect that kind of situation and throw a big
> nasty warning in these cases?

Alice and/or Bob must have Eve's public key in their keyrings in order
to encrypt to her key.  the addition of her key can be done
automatically by an eager e-mail client (quite common, in fact), but GPG
will still require Eve's key to be trusted, directly or indirectly.  Eve
might be able to trick others which Alice/Bob trust transitively into
trusting her key, though.

so here are some possible mitigations:

1) PASSWORD_STORE_GPG_OPTS="--trust-model direct"

this means each and every key in .gpg-id must be trusted explicitly and
individually by Alice and Bob before it is used to encrypt to that
recipient.

2) use a separate keyring for pass use, so that your e-mail client
doesn't mess around with pass keys.

  PASSWORD_STORE_GPG_OPTS="--keyring password-store.gpg"

you can even combine the two if you like.

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game



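
An added example (not pass's own code) covering this reply and the ".gpg-id comments" patch earlier on the page: a lint that applies the `${gpg_id%%#*}` comment stripping, rejects anything in .gpg-id that is not a full fingerprint, and keeps the two PASSWORD_STORE_GPG_OPTS mitigations together. Fingerprints matter for the scenario above because `-r alice@example.com` lets gpg use whichever valid key carries that user ID, which is exactly the substitution Eve would attempt, while a 40-digit fingerprint selects one key. Function names and the sample .gpg-id content are this example's own.

```shell
#!/bin/sh
# Added example, not pass's own code: lint a .gpg-id before trusting it, and
# keep the two gpg hardening options from the thread in one place.

# One .gpg-id line without its "# comment" and surrounding whitespace; prints
# an empty line for blank or comment-only input.
clean_gpg_id_line() {
    line=${1%%#*}
    printf '%s\n' "$line" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//'
}

# A full fingerprint: 40 hex digits with an optional 0x prefix. A user ID
# such as an e-mail address matches whichever valid key carries it; a
# fingerprint matches exactly one key.
is_fingerprint() {
    printf '%s\n' "$1" | grep -Eqi '^(0x)?[0-9a-f]{40}$'
}

# Print the number of entries in $1 that are not full fingerprints; each
# offender goes to stderr. The loop reads the file directly (no pipeline) so
# the counter survives it.
count_bad_gpg_ids() {
    bad=0
    while IFS= read -r raw || [ -n "$raw" ]; do
        id=$(clean_gpg_id_line "$raw")
        [ -n "$id" ] || continue
        if ! is_fingerprint "$id"; then
            printf 'not a full fingerprint: %s\n' "$id" >&2
            bad=$((bad + 1))
        fi
    done < "$1"
    echo "$bad"
}

# gpg options for pass: trust each recipient key directly (no transitive
# web-of-trust) and use a keyring an e-mail client never writes to.
# --no-default-keyring is required: on its own, --keyring only adds a file
# to the default keyring list.
pass_gpg_opts() {
    echo '--trust-model direct --no-default-keyring --keyring password-store.gpg'
}

# Constructed .gpg-id: a comment, a blank line, a 0x-prefixed fingerprint and
# one entry that is only an e-mail address (the one the lint must flag).
gpg_id_demo() {
    tmp=$(mktemp) || return 1
    printf '%s\n' '# team keys: full fingerprints only' \
        '0x0123456789ABCDEF0123456789ABCDEF01234567   # alice' \
        '' \
        'bob@example.com' \
        'FEDCBA9876543210FEDCBA9876543210FEDCBA98' > "$tmp"
    count_bad_gpg_ids "$tmp" 2>/dev/null
    rm -f "$tmp"
}

# usage: ./gpg-id-lint.sh ~/.password-store/.gpg-id   (exit 1 if anything is flagged)
if [ "$#" -eq 1 ]; then
    [ "$(count_bad_gpg_ids "$1")" -eq 0 ] || exit 1
fi
```

Run pass as `PASSWORD_STORE_GPG_OPTS="$(pass_gpg_opts)" pass ...`; with --trust-model direct each recipient key must have had its trust set once with `gpg --edit-key <fingerprint> trust` (in the pass keyring), which is the explicit, per-key decision the reply asks for.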


Re: [pass] Password age report

2016-08-31 Thread Kjetil Torgrim Homme
Den 31. aug. 2016 17:48, Brian Candler skreiv:
> On 31/08/2016 16:43, Emile Cantin wrote:
>>
>> In light of the recent Dropbox leak, I wanted to know how old my
>> password was, and perhaps if I had any other old passwords that would
>> be due for a rotation. I don't think I can rely on the last
>> modification date on the files, as a fresh clone of my repo would have
>> today's date, even if the file was last modified in my repo in 2012. I
>> looked into how to do this with Git, but it's pretty
>> ungainly: 
>> http://serverfault.com/questions/401437/how-to-retrieve-the-last-modification-date-of-all-files-in-a-git-repository
>>
>> Keepass has an "expiration date" field which you can set when
>> generating a password, and it appears in a different color in the list
>> when expired.
>>
>> I think password age is a relevant metric for a password manager, but
>> pass doesn't currently offer any visibility into this.
>>
>> What do you think?
> This is (another) reason why it would be good if pass were to sign its
> GPG files. The signature includes a timestamp.

re-encrypting the files to a new set of keys will make a new signature.
you need to make the date part of the password file itself, or have pass
maintain some metadata in a separate file, e.g., "work/supplier.gpg"
could have a companion file "work/.meta.supplier.gpg", containing:

  created: 2015-03-02T14:25:02+0200
  updated: 2016-08-31T18:55:32+0200
  expire: never

the above syntax is valid YAML which can be useful if more complex
structures are wanted later.

it might be useful to allow encryption of the metadata to be optional.

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game



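
An added example, not pass's own code: a password age report taken from git history rather than file mtimes, which, as the question notes, are meaningless after a clone. It handles the caveat raised in the reply: re-encrypting to a new key set rewrites every file, so the newest commit touching an entry may be pass's own "Reencrypt password store ..." commit (the subject visible in the reencrypt patch at the top of this page) rather than a password change; such commits are skipped by their subject. Function names and the sample log lines are this example's own; it assumes a git-managed store.

```shell
#!/bin/sh
# Added example, not pass's own code: report password age from git history,
# ignoring pass's re-encrypt commits. Assumes a git-managed store and that
# re-encrypt commit subjects start with "Reencrypt", as pass writes them.

# Read "epoch subject" lines, newest first (the output of
# git log --format='%ct %s'), and print the epoch of the newest commit whose
# subject is not a re-encrypt.
newest_real_change() {
    awk '$2 != "Reencrypt" { print $1; exit }'
}

# Epoch of the last real change to one entry ($2, relative to store $1);
# empty if the file was never committed.
entry_last_changed() {
    git -C "$1" log --format='%ct %s' -- "$2" | newest_real_change
}

# Whole days between two epoch timestamps.
days_between() {
    echo $(( ($2 - $1) / 86400 ))
}

# Entries in store $1 whose last real change is at least $2 days old
# (default 365), oldest first.
age_report() {
    store=${1:-${PASSWORD_STORE_DIR:-$HOME/.password-store}}
    max=${2:-365}
    now=$(date +%s)
    (cd "$store" && find . -name .git -prune -o -name '*.gpg' -type f -print) |
    while IFS= read -r f; do
        f=${f#./}
        ts=$(entry_last_changed "$store" "$f")
        [ -n "$ts" ] || continue
        age=$(days_between "$ts" "$now")
        if [ "$age" -ge "$max" ]; then
            printf '%5d days  %s\n' "$age" "${f%.gpg}"
        fi
    done | sort -n
}

# Constructed sample of git log output for one entry: the latest commit is a
# re-encrypt and must not count as a change.
SAMPLE_LOG='1690000000 Reencrypt password store using new GPG id 0123456789ABCDEF.
1600000000 Add password for work/supplier.'

# usage: ./pass-age.sh [store] [days]
if [ "$#" -ge 1 ]; then
    age_report "$@"
fi
```

The report only sees what is committed; an entry that was changed but never committed, or one whose only commits are re-encrypts, is skipped rather than reported with a misleading date.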


Re: [pass] Override GPG path

2016-08-02 Thread Kjetil Torgrim Homme

On 08/02/2016 07:11 PM, Allen Li wrote:

Would pass's maintainer/users be open to adding a feature to overriding
the path to the GnuPG binary?  This does add some complexity, but I
think it is worth adding, for example if a user needs to use a custom
compiled binary sitting outside of the PATH.

My own use case is to force pass to use gpg even though gpg2 is
installed (for other reasons I won't go into), but I think generally
being able to configure GPG's path is a useful feature to have.

Any thoughts?


mkdir ~/bin
ln -s /opt/gpg/bin/gpg ~/bin/gpg2
export PATH=$HOME/bin:$PATH

:-)

--
Kjetil T. Homme
Redpill Linpro AS - Changing the game


Re: [pass] [Proposal] Blank line after each help item in help text

2016-03-02 Thread Kjetil Torgrim Homme
On 03/02/2016 05:28 PM, Matthias Beyer wrote:
> I'd like to have blank a line after each help-text item. It reduces the
> wall-of-text experience of `pass --help`.
> 
> Of course this is opinion-based... so I'd like to hear your opinion!

please no.  not everyone runs their terminal window in full-screen, you
know!  80x24 forever ;)

-- 
Kjetil T. Homme
Redpill Linpro





Re: [pass] [PATCH 1/1] sed(1) compatibility

2016-02-09 Thread Kjetil Torgrim Homme
On 02/09/2016 03:05 PM, Lucas Hoffmann wrote:
> You could also try to split the job into two regexes if there are too
> many differences between the sed versions we want to support.
> 
> `man tree` says that it will use $LS_COLORS. But as far as I understand
> it after some tests, this arbitrary escape sequence will only be used at
> the start of the file name.  After the file name it will always be
> "\e[00m".

no, this is dependent on your $TERM and your terminfo.  on my system, it
is "\e[0m", but it could be "\e[27m" as well (output from tput rmso).
of course, if $TERM is not a VT102 dialect, there is no telling what it
will look like, but it's probably not worthwhile to support such edge
cases :-)

> So my idea is to remove the check for arbitrary escape
> sequences after the gpg extension.  The file name on the other hand
> could contain the string ".gpg\e[00m -> " but I think we should not
> support that.
> 
> So we could simplify the regex and use two sed commands (but not two
> invocations of sed) like this:
> 
> tree ... | sed \
>   -e 's/\.gpg\(\x1b\[00m\)\{0,1\} -> /\1 -> /'  \
>   -e 's/\.gpg\(\x1b\[00m\)\{0,1\}$/\1/'

I support splitting up the expression, it is much easier to read.  but
do use "[0-9]+" instead of "00"

> Explanation: First we find a .gpg extension, possibly followed by a
> terminal attribute reset sequence, followed by an ascii arrow.  We
> remove the .gpg extension and leave the rest of the match intact.  This
> is *not* done globally.  So if this is found in any filename the output
> will be faulty.
> Next we find a .gpg and possibly the reset sequence at the end of a line
> and again only remove the .gpg extension.
> 
> Now we have a regex without branches and can hopefully get it to work on
> all sed implementations.
> 
> Obviously: Comments, bug reports, criticts ... welcome.

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game



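
An added example, not pass's own code: the two-expression sed proposed in the exchange, made portable along the lines the reply asks for. `\x1b` is a GNU sed extension, so the escape byte is spliced in from printf, and the reset sequence is matched as ESC, `[`, digits, `m`, so both "\e[00m" (tree's default) and "\e[0m" (tput sgr0 on many terminals) are handled. The sample tree lines and the function names are this example's own.

```shell
#!/bin/sh
# Added example, not pass's own code: strip the ".gpg" suffix from tree
# output with POSIX sed, keeping any colour reset sequence that follows it.
ESC=$(printf '\033')

# Drop a ".gpg" that sits either before " -> target" (a symlink line) or at
# end of line. \1 is empty when no reset sequence was present.
strip_gpg_suffix() {
    sed -e "s/\.gpg\(${ESC}\[[0-9]*m\)\{0,1\} -> /\1 -> /" \
        -e "s/\.gpg\(${ESC}\[[0-9]*m\)\{0,1\}\$/\1/"
}

# Constructed sample: a plain entry, a coloured entry (set colour, name,
# reset, the shape LS_COLORS output has) and a symlink line.
SAMPLE_TREE=$(printf '|-- work/supplier.gpg\n|-- %s[01;32mmail.gpg%s[0m\n+-- alias.gpg -> real.gpg\n' "$ESC" "$ESC")

# Run the filter over the sample.
demo() {
    printf '%s\n' "$SAMPLE_TREE" | strip_gpg_suffix
}

# usage: tree -C -l --noreport ~/.password-store | ./strip-gpg.sh --filter
if [ "${1:-}" = "--filter" ]; then
    strip_gpg_suffix
fi
```

As the original exchange notes, a file name that itself contains ".gpg -> " would be mangled; pass controls the names in the store, so that is an accepted limitation rather than a bug to engineer around.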


Re: [pass] Patch: Add spaces as needed when autocompleting (bash)

2016-02-01 Thread Kjetil Torgrim Homme
On 01/31/2016 03:06 PM, Anas Syed wrote:
> When one uses autocompletion on bash, autocompleting the only match
> doesn't add an extra space. This is necessary when we are completing
> directory names, however, when we are completing commands and other
> command line flags, then we want an extra space, as is usual with the
> completion for other programs.
> 
> I've fixed this by not passing "-o nospace" to complete, (so the default
> is that spaces are added). I then put "compopt -o nospace" whenever we
> don't want to add an extra space.
> 
> I have attached the patch that fixes this.

this works great!  thank you for sharing.

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: [pass] Simple password store

2016-01-29 Thread Kjetil Torgrim Homme
On 01/29/2016 05:44 PM, Dashamir Hoxha wrote:
> But maybe the core dump or swap file issue applies to gpg-agent as well...

no, it turns off core dumps and uses mlock to avoid this problem.  a
shell script can't do the latter.

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: [pass] Adding support for symmetric encryption

2016-01-27 Thread Kjetil Torgrim Homme

On 2016-01-26 14:29, Dashamir Hoxha wrote:
> If they have your encrypted password files, most probably they also
> have your private keys. At least for most of the people, who are
> not using smartcards, yubikey, nitrokey, etc. (I am one of them).

not at all.  since the password-store is securely encrypted, it is
safe to use a third party as a distribution point, e.g., Github.  that
way, I can easily pull an updated store into each of my workstations.
this does *not* give the admins at Github any access to my passwords.

-- 
Kjetil T. Homme
Redpill Linpro AS - Changing the game


Re: [pass] Encrypt filenames in the store

2016-01-19 Thread Kjetil Torgrim Homme
On 01/19/2016 01:14 PM, Michael Aquilina wrote:
> I'm actually fairly interested in this too. While having the names of my
> passwords on display is not a huge deal, it does leak some information
> in terms of what sites you've signed up for etc... 
> 
> If there was a way to hide this information, it would be an improvement IMO.
> 
> I do however understand that it moves away from the philosophy of
> keeping simple.
> 

step 1: keep your own copy of the password-store safe, in an encrypted
file system.

step 2: if you need to export your repository or share it with others,
use something like https://github.com/joeyh/git-remote-gcrypt (I have
not tested it myself, but it looks like a reasonably simple and safe way
to handle the problem.)


(I do not think the filenames I choose are sufficiently security
sensitive to mandate step 2.)

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: [pass] [PATCH] generate: default length to 15 if not specified

2015-12-19 Thread Kjetil Torgrim Homme

On 2015-12-18 19:41, Nathan Wallace wrote:
> Great, thanks Kevin.  My reasons for including the environment
> variable configuration probably had to do with the fact that I
> chose 15 characters as the default pretty arbitrarily.  It seems
> long enough to me, but maybe some folks with more security needs
> might want it to default to 20, for example.  I wasn't sure exactly
> what the best default length would be, so that's partly why I
> included the override.  But I think you make a good point about
> just overriding it on the command line, so I'll defer to you all!

I think you misunderstood Kevin.  he was bikeshedding the name of the
environment variable, not its existence.  and I agree,
"PASSWORD_STORE_LENGTH" is a fine name,
"PASSWORD_STORE_DEFAULT_LENGTH" is needlessly cumbersome.

(btw, I typically use 12, or 16 without symbols.  15 seems a
reasonable default for me.)

-- 
Kjetil T. Homme
Redpill Linpro AS - Changing the game


Re: [pass] [PATCH] Added show obfuscation

2015-12-01 Thread Kjetil Torgrim Homme
On 11/28/2015 06:06 PM, Andrew DeMaria wrote:
> - Hides shown text using terminal color codes by default
> - Adds --no-color/-n option to remove coloring

hmm.  I prefer not changing the default behaviour.

> - By default display only the first line regardless of whether clip is
> specified

I don't like this change in behaviour either :-)

> - Full output can be toggled with --full/-f

but all of it is unreadable by default, even the non-secret stuff (which
is presumably in line 2 and below) ...  IMHO, this alone is a good
reason to avoid the negative option "no-color".  to avoid overlap with
"-c|--clip", I suggest "-r|--redact"

BTW, there have been many iterations of patches to implement "tail -n
+2" to only print the "non-secret" part of a file, perhaps you could
integrate some of those ideas as well.  e.g., Mike Hobbs in «to display
the remainder of a multi-line file with "show -c"», suggests to emit the
non-secret part when using xclip.  David Timothy Strauss had the same
idea in July, and Von Welch has advocated adding --tail to print this
part of the data.


> +SHOW_PASS_OBFUS='{ echo -en "$(tput setaf 1)$(tput setab 1)"; cat -; echo 
> -en "$(tput sgr0)"; }'
> +SHOW_PASS_CLEAR='{ cat -; }'
...
> +> +if [[ $clip -eq 0 && $no_color -eq 0 ]]; then
> +echo "${pass}" | eval "${SHOW_PASS_OBFUS}"

I really don't like eval, and it doesn't make the code easier to read or
validate.  how about using a function like this?

echo_pass() {
  local pass="$1"
  # printf '%s' rather than echo -e, so a backslash in the password is
  # printed as-is instead of being interpreted as an escape sequence
  if [[ $no_color -eq 0 ]]; then
     printf '%s%s%s\n' "$(tput setaf 1)$(tput setab 1)" "$pass" "$(tput sgr0)"
  else
     printf '%s\n' "$pass"
  fi
}

if [[ $clip -eq 0 ]]; then
  echo_pass "$pass"
else
  ...
fi


> +elif [[ $clip -eq 0 ]]; then
> +echo "${pass}" | eval "${SHOW_PASS_CLEAR}"
>  else
> -local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | head -n 1)"
> -[[ -n $pass ]] || exit 1
>  clip "$pass" "$path"
>  fi
>  elif [[ -d $PREFIX/$path ]]; then
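Review bot: the `-` lines in this hunk drop `[[ -n $pass ]] || exit 1` together with the `head -n 1` assignment in the clip branch, so `clip "$pass" "$path"` now runs on whatever `$pass` holds from the earlier decryption with no empty check; keep a `[[ -n $pass ]] || exit 1` guard wherever `pass` is now assigned, so that a failed or empty decryption neither prints a red-on-red blank line nor copies an empty string to the clipboard. The `echo "${pass}" | eval "${SHOW_PASS_CLEAR}"` branch is just `cat` in disguise; a plain `echo "$pass"` there reads better and avoids eval entirely.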
> --
> 2.6.2


-- 
Kjetil T. Homme
Redpill Linpro - Changing the game
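The two ideas from this reply, redacting only the first line and printing just the lines after it, as an added example in POSIX sh. It is not code from pass(1) or from the patch; entry_tail, redact_entry and the sample entry are constructed here, and the default colour sequences come from tput when a terminal is present:

```shell
#!/bin/sh
# Constructed example, not pass(1) code: show an entry with only its first
# line (the password) redacted, or print just the lines after it.

# A literal newline, built portably.
nl=$(printf '\n.')
nl=${nl%.}

# entry_tail ENTRY
#   Prints line 2 onward of ENTRY, the "non-secret" part people wanted from
#   "show -c" or a --tail option; prints nothing for a single-line entry.
entry_tail() {
    case $1 in
        *"$nl"*) printf '%s\n' "${1#*"$nl"}" ;;
    esac
}

# redact_entry ENTRY [ON] [OFF]
#   Prints ENTRY with its first line wrapped in the ON/OFF escape sequences
#   (default: red text on red background from tput, unreadable on screen but
#   still selectable) and the remaining lines untouched.
#   printf '%s' is used rather than echo -e: echo -e would interpret
#   backslash sequences that are part of the password itself.
#   The trailing ':' keeps the status 0 when tput fails (no terminal).
redact_entry() {
    entry=$1
    on=${2-$(tput setaf 1 2>/dev/null; tput setab 1 2>/dev/null; :)}
    off=${3-$(tput sgr0 2>/dev/null; :)}
    printf '%s%s%s\n' "$on" "${entry%%"$nl"*}" "$off"
    entry_tail "$entry"
}

# Constructed sample in the pass(1) layout: password first, metadata after.
# The backslashes are there to show that they survive unchanged.
SAMPLE_ENTRY=$(printf 's3cr3t\\with\\backslashes\nusername: alice\nurl: https://example.invalid')

redact_entry "$SAMPLE_ENTRY"
```

With `-c`, the same helpers give the behaviour asked for in the older patches: copy the first line with clip and print `entry_tail "$entry"` so the metadata stays visible.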





Re: [pass] Output from pass generate should go to stderr

2015-09-14 Thread Kjetil Torgrim Homme
On 09/14/2015 10:06 AM, Lie Ryan wrote:
> Currently, the output of `pass generate` cannot be piped into another
> command that expects a password because it contains git output and other
> interactive outputs. For example:
> 
> openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048
> -aes-256-cbc -pass file:<(pass example.com.key 30 2>/dev/null) -out
> example.com.key
> 
> Fails because pass outputs the git commit messages into the named pipe
> passed to -pass.
> 
> The attachment is rudimentary attempt to send most output from generate
> to stderr except the password itself.

I don't like that stderr contains output which aren't errors, so -1 from me.

> Maybe a better implementation is to have an explicit --quiet option?

that sounds like a good idea, yes.

-- 
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: [pass] [PATCH][FEATURE] password-store.sh: added option for quick password showing

2015-05-27 Thread Kjetil Torgrim Homme
On 26/05/2015 09:04, cyberxndr . wrote:
 This code provides a quick way to retrieve one password from the tree. I
 would like to know is whether or not it is accepted.
 
 2015-05-13 13:35 GMT+03:00 cyberxndr:
 
 diff --git a/password-store/src/password-store.sh
 b/password-store-feature/src/password-store.sh
 index 47f7ffa..d5f6a59 100755
 --- a/password-store/src/password-store.sh
 +++ b/password-store-feature/src/password-store.sh
 @@ -223,9 +223,10 @@ cmd_usage() {
 List passwords.
 $PROGRAM find pass-names...
 List passwords that match pass-names.
 -   $PROGRAM [show] [--clip,-c] pass-name
 +   $PROGRAM [show] [--clip,-c] [--exclusive,-e] pass-name
 Show existing password and optionally put it on the 
 clipboard.
 If put on the clipboard, it will be cleared in $CLIP_TIME 
 seconds.
 +   Optionally, entry can contain * wildcard for quickly 
 exclusive passwords.
 $PROGRAM grep search-string
 Search for password files containing search-string when 
 decrypted.
 $PROGRAM insert [--echo,-e | --multiline,-m] [--force,-f] 
 pass-name
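Review bot: the new usage line "Optionally, entry can contain * wildcard for quickly exclusive passwords." does not say what happens when the pattern matches several entries or none, which is exactly what a user of `--exclusive` needs to know; state it, e.g. "If the pattern matches exactly one entry, show it; otherwise list the matches and fail." The short option `-e` also already means `--echo` for `insert` two lines further down in the same usage text, so either choose a letter that does not change meaning between subcommands or, as the reply suggests, make unique matching the default and drop the option.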
 @@ -294,12 +295,13 @@ cmd_init() {
  }

speaking just for myself, I find --exclusive a misleading/confusing name
for this option.  I think it would be better to just make this the
default behaviour, no option needed.

suggested updated usage.  I leave the implementation to someone else :-)

  $PROGRAM [show] [--clip,-c] pass-name
  Show existing password and optionally put it on the clipboard.
  If put on the clipboard, it will be cleared in $CLIP_TIME seconds.
  Pass-name can contain wildcards (*) or be a substring.  If it
  matches uniquely, operate on that password file.

-- 
regards,
Kjetil T. Homme
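The "match uniquely" rule from the suggested usage text, as an added example in POSIX sh. This is not pass(1) code and not the patch; resolve_pass_name and the temporary store it is demonstrated on are constructed here, and the only assumption is the pass(1) layout of one `<pass-name>.gpg` file per entry under the store prefix:

```shell
#!/bin/sh
# Constructed example (not pass(1) code) of the "match uniquely" rule
# proposed above: a pass-name is accepted as-is if that entry exists,
# otherwise it is treated as a glob (when it contains *) or as a substring,
# and the command proceeds only when exactly one entry matches.

# resolve_pass_name PREFIX QUERY
#   Prints the entry name (relative to PREFIX, without .gpg) that QUERY
#   designates. Exit status: 0 unique match, 1 no match, 2 ambiguous.
resolve_pass_name() {
    prefix=$1
    query=$2

    # An existing entry always wins, so current behaviour is unchanged.
    if [ -f "$prefix/$query.gpg" ]; then
        printf '%s\n' "$query"
        return 0
    fi

    # Without a wildcard, match the query as a substring of the full name.
    case $query in
        *\**) pattern=$query ;;
        *)    pattern="*$query*" ;;
    esac

    # Matching uses case patterns on the relative name, so * spans directory
    # separators: "github" matches "web/github.com". (PREFIX must not
    # contain '|', the sed delimiter, and must not end in '/'.)
    matches=$(find "$prefix" -type f -name '*.gpg' |
        sed -e "s|^$prefix/||" -e 's|\.gpg$||' |
        while IFS= read -r rel; do
            case $rel in
                $pattern) printf '%s\n' "$rel" ;;
            esac
        done)

    if [ -z "$matches" ]; then
        printf 'Error: %s is not in the password store and matches no entry.\n' "$query" >&2
        return 1
    fi
    n=$(( $(printf '%s\n' "$matches" | wc -l) ))
    if [ "$n" -ne 1 ]; then
        printf 'Error: %s is ambiguous; it matches:\n%s\n' "$query" "$matches" >&2
        return 2
    fi
    printf '%s\n' "$matches"
}

# Demonstration on a constructed, empty store (the .gpg files are placeholders).
demo_store=$(mktemp -d)
mkdir -p "$demo_store/web" "$demo_store/mail"
: > "$demo_store/web/github.com.gpg"
: > "$demo_store/web/gitlab.com.gpg"
: > "$demo_store/mail/work.gpg"
resolve_pass_name "$demo_store" github        # web/github.com
resolve_pass_name "$demo_store" 'web/*lab*'   # web/gitlab.com
resolve_pass_name "$demo_store" git || true   # ambiguous, lists both
rm -rf "$demo_store"
```

Because the exact name is checked first, existing scripts that pass full names keep working, and an ambiguous query fails loudly instead of quietly picking the first hit.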






Re: [pass] [PATCH 2/2] clip: add GPaste support

2015-02-05 Thread Kjetil Torgrim Homme
On 2015-02-04 09:26, Dahlberg, David wrote:
 On Tuesday, 03.02.2015 at 17:47 +0100, Marc-Antoine Perennou wrote:
 
 diff --git a/src/password-store.sh b/src/password-store.sh
 [..]
 +   which gpaste /dev/null  gpaste help | grep password
 /dev/null  gpaste=1
 
 Pardon my Evolution's bad quoting :-(

(looks good to me?)

 I do not know gpaste, nor can I easily apply patches in my current
 setup, but may I suggest grep -q password instead of grep password
 /dev/null?

is GNU grep a requirement already?

btw, I think you could just as well skip which(1) (see previous rant
about which from me on this list :-) and do

  (gpaste help | grep password) &>/dev/null && gpaste=1

if gpaste doesn't exist, no harm is done.

-- 
Kjetil T. Homme
Redpill Linpro AS - Changing the game





Re: [pass] Output to less (or another pager)

2015-01-19 Thread Kjetil Torgrim Homme
On 01/19/2015 02:05 PM, Are wrote:
 In an environment where my terminals may be viewed by others, I would
 prefer to not having my passwords listed in the scrollback buffer. The
 easy solution to this is to pipe the command through a pager like
 'less'. However, it would be better if this would be automatic and I
 have patched the pass script to make use of the $PAGER variable - if it
 exists and contain something sensible.


if [[ $clip -eq 0 ]]; then
-   exec $GPG -d ${GPG_OPTS[@]} $passfile
+   if [ -n ${PAGER} -a $(which ${PAGER}|wc -l) -eq 1 ]; then
+   exec $GPG -d ${GPG_OPTS[@]} $passfile | ${PAGER}
+   else
+   exec $GPG -d ${GPG_OPTS[@]} $passfile
+   fi
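Review bot: `exec $GPG -d ... | ${PAGER}` in the `+` branch does not do what the unchanged `exec` line did: in a pipeline, exec only replaces the subshell running gpg, so cmd_show continues after the pipeline and the status the caller sees is the pager's, not gpg's, which hides a failed decryption unless pipefail is in effect. Drop `exec` once the command is piped and check gpg's status explicitly. The `$(which ${PAGER}|wc -l) -eq 1` test also breaks for a PAGER with options such as `less -R`, since which(1) then looks up two names; `command -v` on the first word, or simply trusting the user's setting, avoids both that and the csh-which problem discussed below.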


which(1) is traditionally a csh script which reads .cshrc(!) to evaluate
the correct $PATH.  needless to say, .cshrc and .bashrc have been known
to diverge.  in modern Linux which(1) has been replaced by a binary, but
still, I think it is better to use the bash builtin if you need to check
this (that is, type).  in actual fact I think this is superfluous, if
you've set $PAGER you'd better set it to a sensible value.

my preferred way of coding this would be forego the if test and the
duplication of the gpg command line it requires, and instead add a
potential useless cat to the command:

-   exec $GPG -d ${GPG_OPTS[@]} $passfile
+   exec $GPG -d ${GPG_OPTS[@]} $passfile | ${PAGER:-cat}

although, since many people probably like the existing behaviour in
pass(1) *and* they have set $PAGER already, I think it is better to make
it opt-in by using a pass(1) specific variable.  my suggested patch is
therefore:

-   exec $GPG -d ${GPG_OPTS[@]} $passfile
+   exec $GPG -d ${GPG_OPTS[@]} $passfile | ${PASS_PAGER:-cat}
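Review bot: the same exec caveat applies to this one-liner: with `| ${PASS_PAGER:-cat}` appended, exec no longer replaces the shell, so cmd_show returns the pager's status rather than gpg's; write it without exec and rely on pipefail (or check `${PIPESTATUS[0]}`) so a decryption failure still fails the command. Leaving `${PASS_PAGER:-cat}` unquoted is what lets `PASS_PAGER='less -R'` work through word splitting; that deserves a comment, since it is the opposite of the script's usual quoting of variables.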



-- 
Kjetil T. Homme
Redpill Linpro - Changing the game
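The opt-in pager from this reply, as an added example in POSIX sh; it is not pass(1) code, and PASS_PAGER is only the variable name suggested above, not one the program is known to honour. It applies the three points made in the thread: page only when the user opted in, look the pager up with the shell's own `command -v` instead of which(1), and run the pipeline without exec:

```shell
#!/bin/sh
# Constructed example, not pass(1) code, of the opt-in pager discussed above.
# PASS_PAGER is the name suggested in the reply; honouring it is an assumption.
# The pipeline is run without exec because exec on one element of a pipe only
# replaces that element's subshell and would make the caller see the pager's
# exit status instead of the decryption's.

# select_pager
#   Prints the command (possibly with options) to pipe output through.
#   Falls back to cat with a warning when PASS_PAGER names nothing runnable.
select_pager() {
    pager=${PASS_PAGER:-cat}
    # Word-split deliberately: "less -R" is a program plus an option.
    set -- $pager
    # command -v is the portable equivalent of bash's type builtin; unlike
    # which(1) it consults the current shell's PATH, not some other rc file.
    if command -v "$1" >/dev/null 2>&1; then
        printf '%s\n' "$pager"
    else
        printf 'Warning: PASS_PAGER=%s is not runnable, output is not paged.\n' "$pager" >&2
        printf 'cat\n'
    fi
}

# show_through_pager CONTENT
#   Stand-in for `$GPG -d "${GPG_OPTS[@]}" "$passfile" | pager`: CONTENT
#   takes the place of the decrypted data so the example runs offline.
show_through_pager() {
    printf '%s\n' "$1" | $(select_pager)
}

# With PASS_PAGER unset this prints directly, exactly as pass does today.
show_through_pager 'constructed entry: password-goes-here'
```

Anyone who wants paging sets `PASS_PAGER=less` (or `less -R`) in their environment; a bare `$PAGER` setting, which most people already have for man and git, is left alone.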





Re: [pass] [PATCH] clip: Show an error message if xclip returns a non-zero exit code

2015-01-19 Thread Kjetil Torgrim Homme
On 01/19/2015 11:45 AM, Jason A. Donenfeld wrote:
 On Fri, Jan 16, 2015 at 8:38 PM, Wieland Hoffmann themi...@gmail.com wrote:
 
 echo -n $1 | xclip -selection $X_SELECTION
 +   [ $? -ne 0 ]  die Error: Could not copy data to the
 clipboard.
 
 
 Pass uses [[ and ]] when it can.

in this case, that gratuitous bashism :) can easily be avoided by the
IMHO more idiomatic:

echo -n "$1" | xclip -selection "$X_SELECTION" ||
die "Error: Could not copy data to the clipboard."

-- 
thanks,
Kjetil T. Homme
Redpill Linpro - Changing the game





Re: [pass] pass and par2

2014-09-21 Thread Kjetil Torgrim Homme
On 2014-09-21 19:40, Jason A. Donenfeld wrote:
 I'm a bit confused. What does this do? What is this?

par2 is a technique like RAID6 which you can apply on individual files.
 it was/is quite popular for binary postings on Usenet, where it was
common for pieces to be lost.

IMHO the complexity is not worthwhile for pass, since it is so easy to
use Git to replicate data to redundant spindles and/or servers (even
Github or similar services.)

-- 
regards,
Kjetil T. Homme



