Comments (9)
Trying to introduce gopass
in my team, and we've run into this repeatedly, specifically gopass clone
not using the keys that are there.
from gopass.
Sorry for that. I hope that I can take a look at this soon.
from gopass.
How did you install that store?
I think you might need to import the old public keys first using:
gpg --import /path/to/your/store/.public-keys/*
from gopass.
I used gopass clone
to initiate the new store from git. Having done that the public keys located in /path/to/your/store/.public-keys/*
are just my own keys, not the ones already set in the git repository, so importing them really doesn't do anything.
from gopass.
That's surprising.
sync
should detect the missing keys and import them.
I could reproduce locally, adding a substore using:
gopass setup --remote [email protected]:example/example.git --alias example
seems to work fine, but doing the same thing using gopass clone
doesn't:
$ gopass setup --remote [email protected]:example/example.git --alias example
🌟 Configuring your password store ...
✅ Configuration written
[example]Configuring git remote ...
[example]Cloning from the git remote ...
[example]✅ Done. Joined Team "example"
[example]⚠ You still need to request access to decrypt secrets!
$ gopass clone [email protected]:example/example.git second
[...]
Your password store is ready to use! Have a look around: `gopass list second`
❌ Failed to git commit: exit status 128: error: gpg failed to sign the data
fatal: failed to write commit object
⚠ Please ask the owner of the password store to add one of your keys: 0x1...
⚠ The missing keys were exported to the password store. Run `gopass sync` to push them.
$ gopass sync
🚥 Syncing with all remotes ...
[<root>]
gitfs pull and push ... Skipped (no remote)
[example]
gitfs pull and push ... OK (no changes)Do you want to import the public key "0x..." (Names: [...]) into your keyring? [y/N/q]: y
Imported public key for 0x... into Keyring
[second]
gitfs pull and push ... OK (no changes)❌ Failed to decode public key 0x...
from gopass.
And now we had the same thing happen as OP. Upon their first sync, a colleague's gopass removed all public keys but their own and immediately pushed that change to the remote. 😔
from gopass.
Can anyone that is affected re-run the steps to reproduce with GOPASS_DEBUG_LOG=/tmp/gopass.log
and provide (possibly truncated) logs?
I think there might be a mismatch between how recipients are specified in the .gpg-id
file and their filenames.
from gopass.
We observed this problem as well, but only with our newest team member. The only difference we came across was that she was the only team member initializing the password store with gopass clone
straight from our git repo, while all the other team members had used the original pass
earlier and later switched to gopass
, resulting in the following difference:
- the new team member has its root store in
~/.local/share/gopass/stores/root
- the other team members have their root store in
~/.password-store
We tried simulating this for her by moving her root store into the legacy location and removing all other stuff created by gopass clone
:
$ mv ~/.local/share/gopass/stores/root ~/.password-store
$ rm -rf ~/.local/share/gopass ~/.config/gopass
When we tried again, gopass sync
worked like a charm and happily imported all team member's public keys into her local keyring.
from gopass.
Thank you @jonmz . This is useful feedback. I will try to reproduce this as well.
from gopass.
Related Issues (20)
- `--stores` option incorrectly parsed HOT 10
- `core.notifications = false` not working in mounts HOT 3
- Running `go test` for gopass modifies global config and also removes mounts HOT 3
- gopass 1.15.10 debian package broken HOT 8
- Feature: allow setting autosync.interval in minutes HOT 3
- `apt upgrade` fails with `gopass` due to `blank line in value of field 'Description'` HOT 1
- `gopass show --noparsing` does not work as expected unless it's forced
- Display Multi-line Passwords HOT 7
- Team function for importing a public key with sync (or via updates) is broken
- gopass otp gives git error HOT 3
- $PASSWORD_STORE_DIR expansion creates unintended directory structure when using fscopy HOT 2
- Including .gpg extension causes unintended results when calling fscopy HOT 9
- `gopass setup`: inconsistent behaviour and merge failure because of "unrelated histories" HOT 2
- gopass generate -g xkdc now fails if no language is set in config. HOT 1
- Feature Request: Wizard type multiline / editor HOT 4
- "Failed to check environment" & "Failed to list store" after fresh install HOT 1
- panic: runtime error: invalid memory address or nil pointer dereference HOT 3
- Feature Request: Ignoring passwords in the audit feature HOT 3
- gopass attempts to make GPG key despite there being one already HOT 3
- Feature request: configuration option to disable logo in notification HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gopass.