aboutsummaryrefslogblamecommitdiff
path: root/op_guide/secrets/README.md
blob: 7c9fd6576b6162338a82e7676a1b61375d6a10c8 (plain) (tree) 
501fbb5







































































1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71







































































                                                                     
## init

generate a new password store named deuxfleurs for you:

```
pass init -p deuxfleurs you@example.com
```

add a password in this store, it will be encrypted with your gpg key:

```bash
pass generate deuxfleurs/backup_nextcloud 20
# or
pass insert deuxfleurs/backup_nextcloud
```

## add a teammate

edit `~/.password-store/acme/.gpg-id` and add the id of your friends:

```
alice@example.com
jane@example.com
bob@example.com
```

make sure that you trust the keys of your teammates:

```
$ gpg --edit-key jane@example.com
gpg> lsign
gpg> y
gpg> save
```

Now re-encrypt the secrets:

```
pass init -p deuxfleurs $(cat ~/.password-store/deuxfleurs/.gpg-id)
```

They will now be able to decrypt the password:

```
pass deuxfleurs/backup_nextcloud
```

## sharing with git

To create the repo:

```bash
cd ~/.password-store/deuxfleurs
git init
git add .
git commit -m "Initial commit"
# Set up remote
git push
```

To setup the repo:

```bash
cd ~/.password-store
git clone https://git.example.com/org/repo.git deuxfleurs
```



https://medium.com/@davidpiegza/using-pass-in-a-team-1aa7adf36592
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-17 23:03:47 +0000