Skip to content

Add a credential helper for gopass #138

New issue
Jump to bottom
New issue
Jump to bottom
Open
#268
Open
Add a credential helper for gopass#138
#268
@sudoforge

Description

@sudoforge
sudoforge
opened on Mar 29, 2019

Background Information

gopass is a rewrite of pass written in Go. It provides a very similar interface to zx2c4's pass, while adding some additional functionality that helps using the password manager within team or multi-team environments, such as mounting external stores, encrypting different blobs for different recipients, etc.

It has a configuration file, located at $XDG_CONFIG_HOME/gopass/config.yml, example below:

root:
  askformore: false
  autoclip: true
  autoimport: true
  autosync: true
  check_recipient_hash: false
  cliptimeout: 45
  concurrency: 1
  editrecipients: false
  nocolor: false
  noconfirm: false
  nopager: false
  notifications: true
  path: gpgcli-gitcli-fs+file:///home/username/code/src/github.com/username/my-personal-store
  recipient_hash: {}
  safecontent: false
  usesymbols: false
mounts:
  work:
    askformore: false
    autoclip: true
    autoimport: true
    autosync: true
    check_recipient_hash: false
    cliptimeout: 45
    concurrency: 1
    editrecipients: false
    nocolor: false
    noconfirm: false
    nopager: false
    notifications: true
    path: gpgcli-gitcli-fs+file:///home/username/code/src/git.company.com/username/my-work-store
    recipient_hash: {}
    safecontent: false
    usesymbols: false

The root dictionary, above, holds the configuration for the root ("default") store. The mounts list provides zero or more dictionaries for additional stores which are "mounted" at the top-level name (the mount's name). For example, with the above configuration:

$ gopass foo

would attempt to access and decrypt foo.gpg in /home/username/code/src/github.com/username/my-personal-store, and

$ gopass work/foo

would attempt to access and decrypt foo.gpg in /home/username/code/src/git.company.com/username/my-work-store.

Proposal

I personally switched over to gopass some time ago, as I found it more intuitive than pass when I began managing passwords for clients and other organizations. It would be great to have a credential helper that interfaced with gopass. I currently utilize pass only because it is the only available credential helper that appeals to me; I would like to remove this dependency and utilize the password manager I use for everything else.

Note: I'm drafting this issue here, but fully plan on contributing to the project and writing this helper myself within the next few weeks. If this would be ill received, please advise.

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions