How I use passwords in the terminal
How I use passwords in the terminal
Part of the [[10 minute devops]] series
- Set up GPG
- Create a vault
- local dir
- git repo
- Add paswords and tokens
- gitops
- Replicate elsewhere
- Using in a
.envrcfor inclusion in scoped environment
pass - the standard unix password manager
Setting up a new vault
You need to have gpg set up and a private key that you intend to use for encrypting passwords.
gpg --list-secret-keys
[keyboxd]
---------
sec ed25519 2025-04-16 [SC] [expires: 2030-04-15]
643D280F0F5FFFFFF8471A1427F6CB7459E31C21
uid [ultimate] Ray Tran <ray@artran.co.uk>
Initialise the vault with
pass init ray@artran.co.uk
This creates the vault at ~/.password-store
It's recommended that the vault uses git to make it easier to undo mistakes and that the repository has a remote copy:
pass git init
cd .password-store
git remote add origin <git-url>
Getting an existing vault onto a new machine
Using a vault for tasks
Re-encrypting a vault when the original key expires
Make a new keypair with gpg and then re-initialise the vault using the new key
pass init ray@artran.co.uk