26 April, 2025

Linux / Unix: pass and gpg setup

The documentation from pass does not tell you how to connect pass with a gpg key. The MacOS steps are:
  • >>brew install pass
  • >>pass init "Name of your store string"
  • >>gpg --full-generate-key
  • >>gpg --list-keys
  • Now copy the name of the relevant key
  • >>pass init ajdfljdalfjalfjladfalsdfjljflafihei8ytaio
  • pass insert test
  • Pass will prompt the test passwords, give them
  • >>pass test
  • Then GPG will ask for the password.
In a Linux system, the steps are similar, but you'll have to install pass according to your variant of Linux. E.g. on Ubuntu use:

>> sudo apt install pass

Pass: Export to other systems

This solution from a block post by Ryan Himmelwright was a great help: https://ryan.himmelwright.net/post/setting-up-pass/ 

Quote: 

"The thing that we can do is first of all set up a github, gitlab, or whatever repo with pass password database. For that we'll have to install pass-git-helper, it's in the AUR if you're on Arch. Then we'll set up a git repo:

pass git init
pass git remote add origin <url>
pass git add -A
pass git commit -m "initial commit"
pass git push -u origin master

This will push all passwords to git repo, make sure the git repo is private.

Now we'll back up the GPG key:

gpg --export-secret-keys $ID > my-private-key.asc

Copy the file my-private-key.asc to a USB drive or whatever storage device you have before wiping disk.

To restore the passwords again, copy the private key file to the new system and of course, don't forget the passphrase of GPG key and then run these commands:

gpg --import my-private-key.asc
git clone <url> ~/.password-store/

See this thread: https://superuser.com/questions/1722240/how-to-backup-passwords-from-pass  

No comments: