@mcwitt
Created January 5, 2020 01:49
- [Install Git for Windows](#org3d5723d)
- [Generate ssh key pair](#org9959fe7)
- [Clone `password-store` repository from GitLab](#orgb4c5a66)
- [Install pass-winmenu](#org777c403)
- [Set up `gpg`](#orge119e17)
- [Test decrypting a password](#orgca8e572)
- [Mark key pair as trusted](#org3cd2994)
- [(Optional) Delete expired gpg keys](#org9f729b2)
<a id="org3d5723d"></a>
# Install Git for Windows
1. Go to <https://git-scm.com/download/win>. The download will start automatically.
2. Run the downloaded installer.
3. Choose all default options.
<a id="org9959fe7"></a>
# Generate ssh key pair
1. Open the "Git Bash" application. (You can also use the Cygwin terminal if Cygwin is installed.)
2. Check whether an SSH key pair already exists:
```sh
ls ~/.ssh
```
If `id_rsa` and `id_rsa.pub` already exist, skip to [3](#org5914e59).
3. **Do only if `id_rsa` and `id_rsa.pub` do not exist.** At the prompt, run
```sh
ssh-keygen
```
Choose the default location and use an empty passphrase.
<a id="orgb4c5a66"></a>
# <a id="org5914e59"></a> Clone `password-store` repository from GitLab
1. Log into [GitLab](https://gitlab.com/)
2. From the top-right menu, choose "Settings"
3. In the left pane, click on "SSH Keys"
4. Copy the contents of the file `~/.ssh/id_rsa.pub` to the clipboard
- In Git Bash, run
```sh
cat ~/.ssh/id_rsa.pub
```
- Copy the output (starting with `ssh-rsa`) to the clipboard by highlighting and pressing Ctrl-Insert
- Paste into the text box under "Key" (using Shift-Insert)
- Click "Add Key"
5. Navigate to the `password-store` project in GitLab
6. Click "Clone" in the top right
7. Click the clipboard icon to the right of the text under "Clone with SSH" to copy to the clipboard
8. In Git Bash, type `git clone` and paste the text copied in the step above (after a space). You will be prompted to confirm the connection. Answer "yes" and press enter.
9. Rename the `password-store` folder to `.password-store` using
```sh
mv password-store .password-store
```
or, in equivalent shorthand
```sh
mv {,.}password-store
```
<a id="org777c403"></a>
# Install [pass-winmenu](https://github.com/geluk/pass-winmenu)
1. Navigate to the [pass-winmenu](https://github.com/geluk/pass-winmenu) repo on GitHub. Click on the "Releases" tab.
2. Download the zip file for version 1.9.1. The filename is `pass-winmenu.zip`. (Note: do **not** download the file with the `nogpg` suffix.)
3. Unpack the zip file to the root directory (e.g. `C:\`)
4. Inside the unzipped folder, run the `pass-winmenu` executable. You will get an alert saying "no private keys found". Ignore this for now.
<a id="orge119e17"></a>
# <a id="org4c41407"></a> Set up `gpg`
1. Locate the `pass-winmenu` icon in the system tray (you may need to click the "^" icon)
2. Right click on the `pass-winmenu` tray icon and select "Open Shell"
3. Assuming the secret key file is located at `D:\secret.asc`, run the following
```sh
gpg --import D:\secret.asc
```
<a id="orgca8e572"></a>
# Test decrypting a password
Basic setup is finished at this point. You can test operation as follows:
1. `Ctrl+Alt+p` to bring up selector
2. Type to narrow search, Enter to select
3. You should see a pop-up indicating that the password has been copied to the clipboard
<a id="org3cd2994"></a>
# Mark key pair as trusted
You will need to mark the imported key pair as trusted in order to use it to encrypt new passwords.
1. Right click on the `pass-winmenu` tray icon and select "Open Shell"
2. <a id="org74b4ade"></a> At the prompt, type
```sh
gpg --list-keys
```
3. <a id="org5f374b9"></a> Note the key id of the key pair imported in step [5](#org4c41407). The id is the long hex string on the second line of each record. For example, for the output
```
/Users/matt/.gnupg/pubring.gpg
------------------------------
pub rsa2048 2018-09-27 [SC] [expires: 2020-09-26]
62B64C7C2B289D7AB0AD9DD9B2E52431E1732637
uid [unknown] Matthew Wittmann <mcwitt@gmail.com>
sub rsa2048 2018-09-27 [E] [expires: 2020-09-26]
```
The key id is `62B64C7C2B289D7AB0AD9DD9B2E52431E1732637`. (Note the `[unknown]`, meaning this key pair is currently untrusted.)
4. Run the following command, substituting the example key id with the one determined in step [3](#org5f374b9)
```sh
gpg --edit-key 62B64C7C2B289D7AB0AD9DD9B2E52431E1732637
```
5. At the `gpg>` prompt, type `trust`. When prompted for the trust level, choose "5" (ultimate)
6. Press `Ctrl+d` to exit.
<a id="org9f729b2"></a>
# (Optional) Delete expired gpg keys
1. Right click on the `pass-winmenu` tray icon and select "Open Shell"
2. <a id="org91a069d"></a> Refer to [2](#org74b4ade) and [3](#org5f374b9) above to find the key id of the key pair you want to delete. There should be some indication in the output of `gpg --list-keys` as to which keys are expired.
3. To delete the secret key, run (substituting your key id from [2](#org91a069d))
```sh
gpg --delete-secret-key <key-id>
```
Answer affirmatively to all of the prompts.
4. To delete the public key, run
```sh
gpg --delete-key <key-id>
```
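
The steps above identify the key id, its `[unknown]` trust marker and any expired keys by reading `gpg --list-keys` by eye. The following added example (not part of the original gist) does the same from gpg's machine-readable `--with-colons` listing; it assumes a POSIX shell with `awk` such as Git Bash, and the function names and the second key in the sample are constructed for illustration.

```sh
# Added example: summarize primary keys from `gpg --list-keys --with-colons`.
# Colon format: field 1 = record type, 2 = validity, 7 = expiry (epoch
# seconds), 9 = ownertrust; on "fpr" records field 10 is the fingerprint.

# key_status: read a colon listing on stdin, print one line per primary key.
key_status() {
    awk -F: '
        function word(c) {
            if (c == "u") return "ultimate"
            if (c == "f") return "full"
            if (c == "m") return "marginal"
            if (c == "n") return "never"
            if (c == "e") return "expired"
            if (c == "r") return "revoked"
            return "unknown"    # "-", "q", "o" or empty
        }
        $1 == "pub" {
            validity = word($2); trust = word($9)
            expires = ($7 == "" ? "never" : $7); want_fpr = 1; next
        }
        # Only the first fpr after a pub is the primary key fingerprint;
        # later fpr records belong to subkeys.
        $1 == "fpr" && want_fpr {
            printf "%s validity=%s ownertrust=%s expires=%s\n", $10, validity, trust, expires
            want_fpr = 0
        }
    '
}

# expired_keys: print only the fingerprints of expired primary keys.
expired_keys() {
    key_status | awk '$2 == "validity=expired" { print $1 }'
}

# Constructed sample listing (first key uses the fingerprint shown above,
# the second key is made up); real input comes from gpg itself.
sample_listing() {
    cat <<'EOF'
pub:-:2048:1:B2E52431E1732637:1538006400:1601078400::-:::scESC::::::23::0:
fpr:::::::::62B64C7C2B289D7AB0AD9DD9B2E52431E1732637:
uid:-::::1538006400::::Matthew Wittmann <mcwitt@gmail.com>::::::::::0:
sub:-:2048:1:1111111111111111:1538006400:1601078400:::::e::::::23:
fpr:::::::::1111111111111111111111111111111111111111:
pub:e:2048:1:AAAAAAAAAAAAAAAA:1420070400:1483228800::-:::sc::::::23::0:
fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:
EOF
}

sample_listing | key_status
```

Against a real key ring, pipe `gpg --list-keys --with-colons` into `key_status` or `expired_keys` instead of the sample.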