Great video, thanks. The "pass git show" command will only show the git history if the gpg passphrase is still in use during a session. I think the default validity is 600 seconds. Might be worthwhile delving into this as it looks like a fundamental flaw in the "pass git" security but it's not.
Im wanting to switch over to pass, but I'm new to gpg as well so that leads to a bit of confusion. I understand that, when moving your keys to a new device, you can simply export them to files, ftp (or whatever) them over, and import them; however, i remember you saying in the gpg video that a laptop should have a shorter expiry period for the gpg key. so, when I copy over my pass files to a new system, and then import my gpg key to decrypt them, how should i handle this issue? thanks :D
It comes down to personal preference. I never used KeePassXC but it looks like a general purpose GUI password manager. Pass is focused on the command line experience. In my opinion these are targeting different use cases.
@@NickJanetakis i dont want to try to convince you or anyone of what tools to use, but on the point of the command line experience keepassxc comes with the keepassxc-cli which was as scriptable as pass seems. so not trying to say that keepassxc is better or anything, but it seemed to me that you weren't aware of that cli (not that it really matters though lol). however somethings that the gui keepassxc handles nicely like ssh-agent integrations didnt seem to work with the cli tool.
Pass is awesome. Great intro Nick! I also use it outside the terminal with rofi.
Great video, thanks. The "pass git show" command will only show the git history if the gpg passphrase is still in use during a session. I think the default validity is 600 seconds. Might be worthwhile delving into this as it looks like a fundamental flaw in the "pass git" security but it's not.
Pretty neat little tool. Only thing missing to me is a way to generate diceware passphrases.
Great video.
Thanks. Yep, that would be handy since [wf)~:lXqtdaDc.^+2VO]76io};7V` is a tad difficult to remember and manually type if you had to.
This tuto is so nice sir
Do a 'pass init what@ever' then 'pass git init'
After that use 'pass git ' as needed.
Amazing video. Thank you!
No problem, thanks for watching.
I use Nextcloud Passwords but I like this one to :)
Very well
Im wanting to switch over to pass, but I'm new to gpg as well so that leads to a bit of confusion. I understand that, when moving your keys to a new device, you can simply export them to files, ftp (or whatever) them over, and import them; however, i remember you saying in the gpg video that a laptop should have a shorter expiry period for the gpg key. so, when I copy over my pass files to a new system, and then import my gpg key to decrypt them, how should i handle this issue? thanks :D
You can keep renewing your key after it expires. You can proceed with your normal plan of backing them up between devices.
Thanks!
... let's just make pretend that didn't happen at all😆😆😆
Is there an easy way to update all passwords to a new gpg Key?
I've never done it but askubuntu.com/a/935508 hints it's possible. Let us know how it goes. I'd for sure make a backup before doing anything.
Looks too complex workflow. I'd suggest KeePassXC
It comes down to personal preference. I never used KeePassXC but it looks like a general purpose GUI password manager. Pass is focused on the command line experience. In my opinion these are targeting different use cases.
@@NickJanetakis i dont want to try to convince you or anyone of what tools to use, but on the point of the command line experience keepassxc comes with the keepassxc-cli which was as scriptable as pass seems. so not trying to say that keepassxc is better or anything, but it seemed to me that you weren't aware of that cli (not that it really matters though lol). however somethings that the gui keepassxc handles nicely like ssh-agent integrations didnt seem to work with the cli tool.