Re: Password managers
On Thu, 9 Nov 2023 12:46:23 -0500
Todd Zullinger <tmz@pobox.com> wrote:
> Hi,
>
> paulf@quillandmouse.com wrote:
> > I have a bash/GPG based password manager I wrote years ago, but I'd
> > like to use something more "accepted/popular". The problem I have
> > with the other password managers I've looked at is that you can
> > store a very limited amount of information for each "account". For
> > example, for one of my logins, I may have to store the answers to
> > three security questions, an account login, email address, the
> > actual password, and maybe the mobile phone number associated with
> > the login. I also object to my password information being stored
> > online by some password manager vendor.
> >
> > Does anyone know of a password manager which will store a variety of
> > user-defined information for each login, and not store that
> > information on the internet (and which is free as in beer)?
>
> You may like pass[1]. It's a bash script which uses gpg, so
> it's somewhat familiar to what you've written in a sense.
>
> It supports random data via the --multiline (-m) option.
>
> It's locally hosted (though you can use online syncing tools
> if you want). There are a a good number of alternative
> clients for it as well, to suit various use cases or
> environments.
>
> [1] https://www.passwordstore.org/
>
Excellent suggestion!
I can't get it to work properly, because there must be something
fundamentally missing in my understanding of GPG, etc.
To initiate the store, you use the following command:
pass init <gpg-id>
If I feed this my master password for the "gpg-id", the .gpg-id file in
the password store shows my master password in the clear. This can't be
right. None of the docs explain what a "gpg-id" actually is.
I found some docs on Redhat's site where you could generate a gpg file:
gpg --full-generate-key
This asks a bunch of questions, and asks me for my master password. It
generates a file: ~/.gnupg/pubring.kbx, and add a couple of hex strings
in ~/.gnupg/private-keys-v1.d. Seems like I should be using one of
those strings as my private key for gpg-id, but which one?
I'm really not sure what to give the init command for a gpg-id. Any
help would be much appreciated.
Paul
--
Paul M. Foster
Personal Blog: http://noferblatz.com
Company Site: http://quillandmouse.com
Software Projects: https://gitlab.com/paulmfoster
Reply to: