~$ pass tomb [email protected] -v -d
(*) tomb [D] Identified caller: rav (1000:1000)
(*) tomb [D] Tomb command: dig /home/rav/password
(*) tomb [D] Caller: uid[1000], gid[1000], tty[/dev/pts/6].
(*) tomb [D] Temporary directory: /tmp/zsh
(*) tomb . Commanded to dig tomb /home/rav/password
(*) tomb (*) Creating a new tomb in /home/rav/password
(*) tomb . Generating password of 10MiB
(*) tomb [D] Data dump using dd from /dev/urandom
(*) 10+0 records in
(*) 10+0 records out
(*) 10485760 bytes (10 MB) copied, 1.10843 s, 9.5 MB/s
(*) -rw------- 1 rav rav 10M Mar 10 13:05 /home/rav/password
(*) tomb (*) Done digging password
(*) tomb . Your tomb is not yet ready, you need to forge a key and lock it:
(*) tomb . tomb forge /home/rav/password.key
(*) tomb . tomb lock /home/rav/password -k /home/rav/password.key
(*) tomb [D] Identified caller: rav (1000:1000)
(*) tomb [D] Tomb command: forge /home/rav/password.key
(*) tomb [D] Caller: uid[1000], gid[1000], tty[/dev/pts/6].
(*) tomb [D] Temporary directory: /tmp/zsh
(*) tomb . Commanded to forge key /home/rav/password.key with cipher algorithm AES256
(*) tomb [W] This operation takes time, keep using this computer on other tasks,
(*) tomb [W] once done you will be asked to choose a password for your tomb.
(*) tomb [W] To make it faster you can move the mouse around.
(*) tomb [W] If you are on a server, you can use an Entropy Generation Daemon.
(*) tomb [D] Data dump using dd from /dev/random
(*) 512+0 records in
(*) 512+0 records out
(*) 512 bytes (512 B) copied, 583.43 s, 0.0 kB/s
(*) tomb (*) Using the GnuPG key [email protected] to encrypt the key: /home/rav/password.key
(*) tomb . (You can also change it later using 'tomb passwd'.)
(*) tomb [D] is_valid_recipients
(*) tomb [D] Created tempfile: /tmp/zsh/158601790430456841
(*) tomb [D] [GNUPG:] BEGIN_ENCRYPTION 2 9
(*) tomb [D] [GNUPG:] END_ENCRYPTION
(*) tomb [D] is_valid_key
(*) tomb . Key is valid.
(*) tomb . Done forging /home/rav/password.key
(*) tomb (*) Your key is ready:
(*) -rw------- 1 rav rav 1.6K Mar 10 13:15 /home/rav/password.key
(*) tomb [D] Identified caller: rav (1000:1000)
(*) tomb [D] Tomb command: lock /home/rav/password
(*) tomb [D] Caller: uid[1000], gid[1000], tty[/dev/pts/6].
(*) tomb [D] Temporary directory: /tmp/zsh
(*) tomb . Commanded to lock tomb password
(*) tomb [D] Tomb found: /home/rav/password
(*) tomb [D] Loop mounted on /dev/loop0
(*) tomb . Checking if the tomb is empty (we never step on somebody else's bones).
(*) tomb . Fine, this tomb seems empty.
(*) tomb [D] load_key key encrypted with a GnuPG Key
(*) tomb . Key encrypted with a GnuPG Key
(*) tomb [D] load_key: /home/rav/password.key
(*) tomb [D] is_valid_key
(*) tomb . Key is valid.
(*) tomb . Locking using cipher: aes-xts-plain64:sha256
(*) tomb [D] no password needed, using GPG key
(*) tomb [D] get_lukskey
(*) tomb [D] Created tempfile: /tmp/zsh/29895117701498311683
(*) tomb [D] [GNUPG:] ENC_TO 0000000000000000 16 0
(*) tomb [D] gpg: anonymous recipient; trying secret key 5149EA28 ...
(*) tomb [D] [GNUPG:] USERID_HINT XXXXXXXXXXXXXX My Name <[email protected]>
(*) tomb [D] [GNUPG:] NEED_PASSPHRASE XXXXXXXXXXXXXX XXXXXXXXXXXXXX 16 0
(*) tomb [D] gpg: can't query passphrase in batch mode
(*) tomb [D] [GNUPG:] MISSING_PASSPHRASE
(*) tomb [D] [GNUPG:] BAD_PASSPHRASE XXXXXXXXXXXXXX
(*) tomb [D] gpg: encrypted with ELG-E key, ID 00000000
(*) tomb [D] [GNUPG:] NO_SECKEY 0000000000000000
(*) tomb [D] [GNUPG:] BEGIN_DECRYPTION
(*) tomb [D] [GNUPG:] DECRYPTION_FAILED
(*) tomb [D] gpg: decryption failed: secret key not available
(*) tomb [D] [GNUPG:] END_DECRYPTION
(*) tomb [D] get_lukskey returns 1
(*) tomb [E] No valid password supplied.
[*] Error : Unable to lock the password tomb
I've removed my actual email from the above output. I think the problem is that I'm not getting a prompt for my GPG passphrase, even though I have gpg-agent
and use it daily for my e-mail. I use pinentry-curses
, does pass-tomb require the gtk version?