On Sun, Feb 05, 2017 at 10:27:58AM +0100, Sebastian Reuße wrote:
Adam Spiers <[email protected]> writes:
There is one feature which I consider pretty essential, and as far as
I can see, it's not supported by pass yet, which is to keep the entire
metadata encrypted, including the directory names and file names.
Without this it doesn't seem to provide 100% privacy protection, since
for example it potentially exposes which websites you use. Is that
right, or am I missing something?
This is already implemented as far as I see it. In order to protect your
local data, you can store the git repository on a fully-encrypted disk
or alternatively store it inside an encrypted container like ecryptfs.
To protect the data stored on remotes, use the git-remote-gcrypt
extension.
I got the impression that the point of pass was to provide an
additional line of defence above what the filesystem already
provides. If the filesystem can be trusted to keep things secure then
you could simply store all your credentials in it in plaintext, and
there would be no need for pass. Maybe I misunderstood something?
_______________________________________________
Password-Store mailing list
[email protected]
https://lists.zx2c4.com/mailman/listinfo/password-store
