Re: [PATCH] pass find: Add --find flag

On Sun, Sep 24, 2023 at 11:44:14PM +0200, Alejandro Colomar wrote: The tail(1) above is to hide the search terms. maybe the "Search Terms: $*" output should just be skipped in --find mode.

Re: pass grep --color=never

On Thu, Oct 06, 2022 at 04:44:58PM +0200, Knut Olav Bøhmer wrote: Hi, I would like to enable output without color. I also have on the wish list to print passfile_dir with a leading slash. i'm assuming you need this for passing pass' output to another program. how about using something like

Re: [PATCH] Do not add newline at the end of the password

On Thu, Apr 14, 2022 at 01:26:47PM +0200, Daniel Mach wrote: SaltStack strips leading/trailing whitespaces from the password [1], because pass adds a newline when entering passwords interactively. Pass is capable of storing multiline passwords which are stored as provided. That includes storing

Re: [feature suggestion] copy one line, print the rest

On Fri, Jan 08, 2021 at 01:16:00AM +0100, jman wrote: I think you can achieve this with a short script, something along this idea: $ cat pass.sh #!/bin/sh pass -c $1 pass $1 | tail -n +2 having this feature in pass, would allow it to be handled in a single call to gpg. your script (and the

Re: [PATCH] Suppress tr's stderr in the generate function

Why? What problem did you run into that you want to hide _all_ error messages from tr?

Re: [PATCH] --fullpath option for find subcommand

On Tue, Apr 14, 2020 at 07:28:17PM +0100, Nils Andre wrote: I think it would be best to have cmd_find as a wrapper around tree similarly to how it works with git rather than like this where we translate `-f|--fullpath` to something else. I'm not sure what you mean. like pass all the flags

[PATCH] --fullpath option for find subcommand

--- I know that this has been discussed in the past; apologies if it's inappropriate to bring it up again. I believe this patch is an improvement over previous iterations, as it does not duplicate the call to tree (or introduce a call to find). I'm not sure if $PREFIX should be escaped (how?)

Re: Allow to edit the commit message

On Sat, Feb 29, 2020 at 01:28:11PM +0100, Gianluca Recchia wrote: the default commit message is often not very descriptive of the change I made to an entry and I often find myself having to amend the commit in order to change the message. What kind of information are you putting in there,

Re: Windows implementation of passwordstore in pure batch

(apologies, sent from a wrong/nonexistent email address before) On Sat, Feb 15, 2020 at 10:21:55PM +0100, Jason A. Donenfeld wrote: I wonder if in the intervening years a reliable non-kludgy detection mechanism has been discovered. what about env vars? I've got XDG_SESSION_TYPE=x11 and

Re: user and pass on same record

many browser extensions and other 3rd party implementations have more or less standardized on http-header-style fields, like to: login: : (instead of 'login', some also accept 'user' and/or 'email') I don't think pass(1) has the ability to deal with this directly, although someone has

Re: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit

On Thu, Nov 28, 2019 at 10:15:24PM +0100, Allan Odgaard wrote: I don’t know what the above is, but that does not use `eval` and it apologies for the noise; it does indeed say 'exec' and not 'eval'. as to not make this message a complete waste: I've peeked at github's code search and googled

Re: [PATCH] Use eval() to shell-parse $EDITOR for pass-edit

On Fri, Nov 29, 2019 at 09:51:42AM +1300, martin f. krafft wrote: That's all I have in /usr/bin here ;) I've got /usr/bin/i3-sensible-editor and it _does_ eval it (not that i have a strong opinion on this topic): for editor in "$VISUAL" "$EDITOR" nano nvim vim vi emacs pico qe mg jed

Re: [PATCH] Optionally include trashed items when importing from 1Password

On Wed, Sep 04, 2019 at 01:11:30PM -0400, John Franklin wrote: +options.trashed = false I'm no 1Password user, but I'd err on the side of caution and import trashed items by default too (into a subdirectory "trashed" for example). When the user imports them but didn't want to, they can rm -r

Re: Feedback- pipeline usage, --field support

The mails in question: https://lists.zx2c4.com/pipermail/password-store/2019-July/003714.html https://lists.zx2c4.com/pipermail/password-store/2019-July/003719.html On Thu, Aug 15, 2019 at 04:30:18PM +, Robert Ames wrote: $ ./src/password-store.sh ls | grep dream you can also use `pass

Re: pass generates very weak passwords with busybox's tr

On Tue, Jul 16, 2019 at 09:18:30PM +0200, Tobias Girstmair wrote: I don't know which sed(1) Alpine packages, but you might be able to use sed 's/[^[:graph:]]//g' instead of tr(1). But I think requiring a greater-than-busybox is fine for pass. Oh, as an addendum: busybox' tr just

Re: [PATCH] show, insert: handle password with empty name

On Fri, Jul 12, 2019 at 04:45:17PM +0200, Rémi Lapeyre wrote: This changes both `pass insert` to require the --force flag when writing such a password and fix `pass show` to list the passwords (note that why would you want to ever insert an unnamed entry? if anything, this should be an error.

Re: PATCH: add -n or -nontree option in find

I believe you can get rid of the tmp_file by using a subshell. (untested) + find "$PREFIX" -follow -type d -iname "*${@}*" 2>/dev/null | while read f + ( + do + find "$f" -follow -type f -iname '*.gpg' 2>/dev/null + done + find "$PREFIX"

Re: PATCH: add -n or -nontree option in find

On Tue, Apr 02, 2019 at 01:09:44AM +0100, higuita wrote: Hi On Mon, 25 Mar 2019 11:36:32 -0300, OSiUX wrote: Adding -n or --notree: +1 to this, please merge this for everyone to be able to use it. +1 to the idea, but I have some proposals for improvement: - this would be nice for

Re: user gone and expiring access

On Fri, Feb 22, 2019 at 11:55:22AM +1300, Steve Gilberd wrote: Lars - nothing prevents the user from using the Yubikey to create a decrypted copy, hardware tokens generally don't allow you to extract the private key again. or re-encrypting to an additional key controlled by the user.

Re: [PATCH] Add command 'check' to check passwords against HIBP

This already exists as the 'pass audit' extension. https://github.com/roddhjav/pass-audit/ I've contributed zxcvbn strength checking ;-) On a whole, the pass project has moved to encouraging people to write extensions instead of extending the main script, as it has gotten way longer than

Re: my dumb mistake

if you're using git there should* be a commit added for each change. type 'pass git log' to verify if there are two entries for 'foo' (i.e. "Edit password for foo using vim."), and if that's the case, undo the latest commit with 'pass git revert HEAD~1'. lg * famous last words On Tue,

Re: [PATCH] Add option '-m' to generate to add additional multiline data.

On Sun, Jan 13, 2019 at 08:50:22PM -0800, Pass Word wrote: One nice thing about the multiple -m options on the command line is you could do something like this: -m "user: "$(pass generate -n deleteme 10 2>/dev/null| tail -1) That seems like a very niche use case. And you could do the same in

Re: [PATCH] Add option '-m' to generate to add additional multiline data.

That's something that has been bugging me for years! Is there any reason why `generate -m` doesn't expect lines on stdin, like `insert -m` does? lg On Thu, Jan 10, 2019 at 03:33:30PM +0100, Calin Iorgulescu wrote: Hello, This patch adds the '-m' flag to 'generate', allowing the user to

Re: [PATCH] Add support for XKCD-style wordlist passwords

I think there is a place for rememberable passwords in a password manager, for example credentials for logging into a graphical session (where you can't (easily) use a password manager). I do think that this is better made an extension than implemented into pass itself though. This would allow

Re: Get n, n1, n2 from password

pass my_bank_pin | cut -b 1,4,7,21 cut(1) can do that just fine. On Fri, Jun 29, 2018 at 11:37:04AM +0100, Steve Harriss wrote: > Is there any value in enabling pass to get just 3, or more, specific > characters from a password and just displaying them? > > A lot of banking sites now ask for

Re: Security Vulnerability: Faulty GPG Signature Checking

On Fri, Jun 15, 2018 at 08:57:57AM +0300, Matthieu Weber wrote: > It is very difficult to write correct programs in C, and very easy to > write C programs with security holes in it. Since the topic here is > security, I would advise against C. Go, Rust, Java even, or scripting > languages such as

Re: Security Vulnerability: Faulty GPG Signature Checking

Thanks for this update -- very much appreciated. :-) A few thoughts below. On Thu, Jun 14, 2018 at 05:09:35PM +0200, Jason A. Donenfeld wrote: > Our recommendations for authenticity and integrity > continue to be to enable git commit signing, which pass has built-in > support for. Maybe this

Re: List all the passwords cleartext in a comprehensive way

You can't do that directly, but a simple shell script[0] 'll do the trick. There's also pass-audit[1], which might be better suited. It checks your password-store against haveibeenpwned.com's password list and also evaluates the complexity using Dropbox' zxcvbn password strength estimator. (I've

Re: Annoyance with pass + dmenu

I've written a very small 'visual bell'-like tool for this purpose. It blinks the whole screen green if `pass -c` worked or red if it didn't. if [[ $? -eq 0 ]]; then xvisbell g else xvisbell r fi https://github.com/girst/xvisualbell davidroman96

Re: [PATCH 0/6] Add new option: --next-clip,-C for commands: `generate`,`show` that will enable using an alternative clipboard than the default

I'm confused as to why this patch comes to be. Using the env.var works quite well to set which selection pass shall use. (e.g. `PASSWORD_STORE_X_SELECTION=primary pass -c git` puts my git password into the primary (== middle click) selection as expected) about the patch itself: - renaming the

Re: Inheritance

or all data. Regards, Till Am Montag, 30. Oktober 2017, 20:49:40 CET schrieb Tobias Girstmair: > You could use a symlink containing only your password, and have a meta file > containing username and login url for each entry. see the homepage: > > And yet another approach might

Re: Bug: pass find and symlinking

seems to be a bug in tree(1) itself, see discussion here: https://lists.zx2c4.com/pipermail/password-store/2017-October/003064.html Till Schäfer schrieb am 20:38 Montag, 30.Oktober 2017: Hi, pass so far works fine with symlinks. However, pass find always

Re: Inheritance

You could use a symlink containing only your password, and have a meta file containing username and login url for each entry. see the homepage: > And yet another approach might be to store the password in Amazon/bookreader > and the additional data in Amazon/bookreader.meta. I do not know how

Re: Print out only first line

piping pass through 'head' is safe, but using that output as a command line parameter makes it visible in 'ps ax' for all users for the whole time 'dummyProgram' is running. 'sshpass' manpage[1] explores other options; my favourite being using an environment variable to get the password to

Re: Password Mapping

There has been some discussion this month about using tomb[1] in combination with pass; this might be what you are looking for. About the "security through obscurity": I think this is a valid concern; the homepage[2] does address this partially with storing user names in `.meta` files (which

Re: [RFC] Extensions

I like it. It behaves as one expects it to. One question: why the `.bash` suffix? (Seems unnecessary to me, but maybe that's just personal preference) Jason A. Donenfeld schrieb am 3:14 Montag, 19.Dezember 2016: Hi, I implemented extensions. $ echo 'echo I am an

Re: [PATCH] stop using pwgen

Antoine Beaupré schrieb am 0:40 Sonntag, 18.Dezember 2016: > I believe that "head", "base64" and "tr" are UNIX tools. true. I'd still prefer a tool made for something like that. > to be fair, it is much better than it was now. i don't think there are > any known

Re: [PATCH] stop using pwgen

I'm against it. IMHO the `pass` philosophy is to utilize UNIX tools instead of rolling one's own. `base64` is not compatible with any password rules that require a special character. Jason A. Donenfeld schrieb am 23:57 Samstag, 17.Dezember 2016: I'll seriously consider

Re: [pass] ***UNCHECKED*** Re: [Feature Request] Add a `--raw` option to `pass ls`

On Thu, Nov 10, 2016 at 02:45:34AM -0500, Linden Krouse wrote: >Having to do this repeatedly, or create and store a script >specifically to >do this just adds more hassle to pass. exactly. >Lastly, at least one other person has written a patch to add this >feature >so it

Re: [pass] [Feature Request] Add a `--raw` option to `pass ls`

>TL;DR We don't need `pass ls --raw` because we have `ls -1` well, `ls -1` doesn't exactly provide a recursive output. this could be done with a convoluted tree statement (see my patch) or this find one (which isn't simpler, and I haven't checked for symlinks or other strange things):