Hi all, Am 15.11.2016 um 00:06 schrieb Justin Steven: > On Mon, Nov 14, 2016 at 12:30:48PM +0100, Martin Weis wrote: >> However, it should never happen that a file is encrypted only with >> public keys, at least one of the keys should have a private part. >> Otherwise the encryption may be fine, but you yourself cannot decrypt ;) >> > > The issue that you had aside, I disagree. It should be possible to encrypt > passwords to a key that you do not currently have the private part for. > > For example, I keep my private key on a smartcard that is not always attached > to my machine. It is handy being able to add or generate passwords without > needing my private key available, or in situations where I do not want to be > able to decrypt the password again until I have explicitly reattached my > smartcard. > > I'm sure there are other use cases in which this is useful. It should not be a > condition of password encryption that the private key be available.
I agree. One of the advantages off pass is the possibility to use it for a shared password store. With a remote git repository it's the only password store I know this works for colaborative usage. In this case you need the public keys of all other users e.g. in an admin team. It also make sense for private usage: I encrypt the important passwords with a key which private part is stored on a gnupg card. But some other passwords in other subdirs I want to use on other devices with other keys (e.g. on a android device). Regards Jan _______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
