On Mittwoch, 28. Februar 2024 17:30:21 CET Werner Koch via Gnupg-users wrote:
> On Wed, 28 Feb 2024 10:55, Matthias Apitz said:
> > purism@pureos:~$ cat .password-store/.gpg-id
> > CCID L5
>
> Which means that it encrypts to "CCID L5". pass parses this using
>
> while read -r gpg_id; do
> gpg_id="${gpg_id%%#*}" # strip comment
> [[ -n $gpg_id ]] || continue
> GPG_RECIPIENT_ARGS+=( "-r" "$gpg_id" )
> GPG_RECIPIENTS+=( "$gpg_id" )
> done
>
> The good thing with pass is that it is easy to read."CCID L5" doesn't strike me as a sufficiently unique identifier for a key. If I add a (secondary) user ID "CCID L5" to my key and trick Matthias into importing it won't pass start encrypting their passwords for my key? My ~/.password-store/.gpg-id contains the fingerprint of my password encryption key. Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
