Skip to content

Instantly share code, notes, and snippets.

@sgarciav

sgarciav/pass.md

Last active June 13, 2024 18:56
Show Gist options
  • Save sgarciav/b709c871fb040e3444e044642e3d8709 to your computer and use it in GitHub Desktop.
Save sgarciav/b709c871fb040e3444e044642e3d8709 to your computer and use it in GitHub Desktop.
Download ZIP
Initialize your password store
Raw
pass.md

About

Summarizing the instructions of the pass tool (as seen on its website).

Getting Started

Installation

Execute: $ sudo apt install pass

Setup GPG Keys

Execute: $ gpg --full-generate-key

After following the instructions in the prompts, you can execute $ gpg --list-key to make sure that it was created correctly. Make note of the uid phrase you chose - you'll need it to initialize your password store.

Initialize

Execute $ pass init [GPG UID] to initialize the password store - where "GPG UID" is the uid stored from above. This will create the ~/.password-store directory, where all of your passwords will be stored.

Connect to git repo

Start by creating a new (local) git repository under the ~/.password-store directory by executing:

$ pass git init

If you'd like to pair this repo with an existing one, execute the following:

$ pass git remote add origin [GIT URL]
$ cd ~/.password-store
$ git fetch -p
$ git branch password-store
$ git push origin password-store

Keep in mind that everytime you execute a pass command, it will create a new (local) commit inside the ~/.password-store directory - within whatever branch is being pointed at at the moment. You can then execute the following to push the commits to the server:

$ pass git push

Use

Add a new password

Execute $ pass insert [OPTIONAL DIR]/[FILENAME], where:

  • OPTIONAL DIR is an optional directory name to provide a file structure for your password store.
  • FILENAME is the filename that pass will use to store the password.

You can then execute $ pass [OPTIONAL DIR]/[FILENAME] to display the password for the provided filename.

Replace an existing password

Execute the following to replace the password in FILANAME:

$ pass generate --in-place FILENAME 30

Use in a different machine

To use the same git repo with all of your passwords in a different machine, you'll need to export/import the GPG key pair used to generate/insert the passwords.

  1. Export the GPG key pair on the original machine by executing:

     $ gpg --export [GPG ID] > public.key
 $ gpg --export-secret-key [GPG ID] > private.key

  2. Copy the key pair to the secondary machine(s) you wish to use.

  3. Import the pair in the new machine(s) by executing:

     $ gpg --import public.key
 $ gpg --import private.key

  4. Set the trust permissions on the new key pair by executing:

     $ gpg --edit-key [GPG ID]
 $ gpg> trust
 $ [follow the prompts]
 $ gpg> quit
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment