
2 changed files with 103 additions and 0 deletions
@ -0,0 +1,103 @@ |
|||
# install and configure password-manager |
|||
|
|||
## First device |
|||
|
|||
### install |
|||
|
|||
install: |
|||
``` |
|||
apt install pass |
|||
``` |
|||
|
|||
### generate key |
|||
|
|||
This only needs to be done once. You will then put the key in the git repository so it can be used across different devices. First, we will generate a gpg key: |
|||
``` |
|||
gpg --full-generate-key |
|||
``` |
|||
|
|||
### initialize pass |
|||
|
|||
Then, we initialize `pass` with the key we generated, and create a git repository as well: |
|||
``` |
|||
pass init ${gpg-id:?} |
|||
pass git init |
|||
``` |
|||
The `Comment` field, if unique, can be used to identify your key instead of having to give the key's fingerprint, so make sure to choose one that is unique and easy to use. |
|||
|
|||
### add key |
|||
|
|||
Next, we add our remote to push to: |
|||
``` |
|||
pass git remote add origin ${remote_url:?} |
|||
``` |
|||
and sync with git: |
|||
``` |
|||
pass git push --set-upstream origin master |
|||
``` |
|||
|
|||
### export keys |
|||
|
|||
We will export our key to a directory in the repository, so we can use the key across different devices. |
|||
``` |
|||
cd .password-store/ |
|||
mkdir .keys |
|||
cd .keys/ |
|||
gpg --export --armor ${gpg-id:?} > pubkey.asc |
|||
gpg --export-secret-keys --armor ${gpg-id:?} > privkey.asc |
|||
``` |
|||
Add the keys to the repository and push: |
|||
``` |
|||
pass git add .keys |
|||
pass git commit -m "added keys to repo" |
|||
pass git push |
|||
``` |
|||
If you want, [set up auto-sync](#set-up-auto-sync) for your repository. |
|||
|
|||
## subsequent devices |
|||
|
|||
### install |
|||
|
|||
``` |
|||
apt install pass |
|||
``` |
|||
|
|||
### clone repo |
|||
|
|||
``` |
|||
git clone ${repo_url:?} |
|||
``` |
|||
move: |
|||
``` |
|||
mv ${repo_dir:?} .password-store |
|||
``` |
|||
set permissions: |
|||
``` |
|||
chmod og-rwx .password-store |
|||
``` |
|||
|
|||
### import keys |
|||
|
|||
``` |
|||
cd .password-store/.keys |
|||
gpg --import pubkey.asc |
|||
gpg --import privkey.asc |
|||
``` |
|||
Tell GPG you trust the key: |
|||
``` |
|||
gpg --edit-key ${key_id:?} trust quit |
|||
``` |
|||
Answer `5` to tell GPG you trust the key ultimately, then `y` to confirm. |
|||
|
|||
## Set Up Auto-sync |
|||
|
|||
We will set up a cron job to synchronize keys with the git server every 15 minutes. |
|||
|
|||
Edit your crontab by running: |
|||
``` |
|||
crontab -e |
|||
``` |
|||
Add the job: |
|||
``` |
|||
*/15 * * * * pass git pull && pass git push |
|||
``` |
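Review bot: The "export keys" section puts the secret key into the password store with `gpg --export-secret-keys --armor ${gpg-id:?} > privkey.asc` and then pushes it with `pass git add .keys`, so the remote ends up holding both the encrypted entries and the key that decrypts them. Anyone who can read that repository is then stopped only by the key's passphrase, if one was set, and the "generate key" step never says to set one. Suggest leaving `privkey.asc` out of the repository and moving the secret key to subsequent devices out of band, keeping at most `pubkey.asc` under `.keys`. If the key does stay in the repo, the "generate key" step should require a strong passphrase and say that it is the only protection for the store. Two smaller points: the "add key" heading sits over the step that adds the git remote, and the `Comment` paragraph belongs under "generate key", where that field is actually chosen.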