On Thu, 9 Nov 2023 12:46:23 -0500 Todd Zullinger <t...@pobox.com> wrote:
> Hi, > > pa...@quillandmouse.com wrote: > > I have a bash/GPG based password manager I wrote years ago, but I'd > > like to use something more "accepted/popular". The problem I have > > with the other password managers I've looked at is that you can > > store a very limited amount of information for each "account". For > > example, for one of my logins, I may have to store the answers to > > three security questions, an account login, email address, the > > actual password, and maybe the mobile phone number associated with > > the login. I also object to my password information being stored > > online by some password manager vendor. > > > > Does anyone know of a password manager which will store a variety of > > user-defined information for each login, and not store that > > information on the internet (and which is free as in beer)? > > You may like pass[1]. It's a bash script which uses gpg, so > it's somewhat familiar to what you've written in a sense. > > It supports random data via the --multiline (-m) option. > > It's locally hosted (though you can use online syncing tools > if you want). There are a a good number of alternative > clients for it as well, to suit various use cases or > environments. > > [1] https://www.passwordstore.org/ > Excellent suggestion! I can't get it to work properly, because there must be something fundamentally missing in my understanding of GPG, etc. To initiate the store, you use the following command: pass init <gpg-id> If I feed this my master password for the "gpg-id", the .gpg-id file in the password store shows my master password in the clear. This can't be right. None of the docs explain what a "gpg-id" actually is. I found some docs on Redhat's site where you could generate a gpg file: gpg --full-generate-key This asks a bunch of questions, and asks me for my master password. It generates a file: ~/.gnupg/pubring.kbx, and add a couple of hex strings in ~/.gnupg/private-keys-v1.d. Seems like I should be using one of those strings as my private key for gpg-id, but which one? I'm really not sure what to give the init command for a gpg-id. Any help would be much appreciated. Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster
