Pass is a great utility which can store your passwords securely on your device encrypted by gpg keys.
You can also push your passwords to a git repository so you can share the passwords between multiple devices.
So here is step by step guide to configure pass with gpg keys, set it up with github.
Install Pass
On linux
$ sudo apt install pass
if you are using mac you can use brew
$ brew install pass
Manage GPG keys
To get started with pass we need to create a gpg key, if you don’t have already created a gpg key create one as follow
$ gpg --full-generate-key
Select the default option (1)
On next step choose the size of your key, default is 3072 you can choose nay from 1024 and 4096.
On next screen select the expiry of your key, if you 0 key will never expire, otherwise you will have to use rotation policy to manage your keys and to use them with pass.
Copy your gpg key id so we can use it pass
Initializing pass
Ok at this step we have a gpg key generated, lets use it with pass
$ pass init your-gpg-key-id-here
for example
$ pass init X034....
This will create a .password-store in your home folder. You can use -p flag to change the directory.
Setting up pass on git
You need to push your passwords to git/github in order to share them between devices. For this purpose you need to create a private repository on github or on your favorite git manager. After doing that follow the steps below.
$ pass git init
$ pass git remote add origin your-git-hub-repo-url
$ cd ~/.password-store
$ git fetch -p
Important Note
Password stores on all devices should be using same gpg keys so we can share them easily. To share the gpg key, we need to first export the gpg key we recently created and then import it on another machine.
Exporting GPG key
gpg --export your-gpg-id > public.key
gpg --export-secret-key your-gpg-id > private.key
Now copy the public.key and private.key to other machines and import them there as follow
Importing the GPG key
$ gpg --import public.key
$ gpg --import private.key
Trusting the newly imported GPG key
You need to trust the newly imported gpg key in order to use it.
$ gpg --edit-key gpg-id-you-just-imported
on gpg terminal type trust and hit enter like
$ gpg> trust
select 5 for ultimate trust on this key
$ gpg> quit
Initializing the pass with imported gpg key
$ pass init gpg-id-you-just-imported
Setup the git as explained above in section “Setting up pass on git”
And pull the passwords from git using $ git pull
and start using it with inserting passwords and pushing them to git
Insert new password
$ pass insert work/gmail
follow the prompt
Push passwords to git
$ pass git push
Recent Comments