I always liked the idea of pass, but I never really understood how people use it. Do you never logout? Do you write a script that runs pass for the username and again for the password? But then...
I always liked the idea of pass, but I never really understood how people use it. Do you never logout? Do you write a script that runs pass for the username and again for the password? But then how do you know when to run it the second time since pass always times out after a fixed number of seconds? I also didn't like that each entry was stored in a separate file and that the whole structutre was unencrypted.
So, as a proper introvert, I didn't ask for help but instead wrote my own script that essentially grabs values by key from an encrypted text file and passes them to xclip like this:
Each xclip command blocks until the user pastes once and then clears the selection buffer. (The arguments don't make sense, but they are important.) I can press Shift+Insert Tab Shift+Insert Enter on login forms. Awesome!
I've used this basic technique for many years now and it works well for me. Over the years, I've added and improved features and recently I started polishing it, which I'm now done with. (I even wrote tests!)
Neat tool, maybe I'll mess around with it later. You can configure ~/.gnupg/gpg-agent.conf to expire gpg-agent's cache after some time: default-cache-ttl 72000 max-cache-ttl 72000 For websites I...
Neat tool, maybe I'll mess around with it later.
Do you never logout?
You can configure ~/.gnupg/gpg-agent.conf to expire gpg-agent's cache after some time:
default-cache-ttl 72000
max-cache-ttl 72000
Do you write a script that runs pass for the username and again for the password?
For websites I use the Browserpass extension to fill login forms with Shift+Ctrl+F. For other logins I just run pass whatever and copy/paste in the usual way. I know it's less secure to have your password hanging around in the paste buffer but like you, I always found the auto-timeout to be clunky.
What do you do for stuff that only needs a password? For example with ssh, I have my username configured on a per-host basis in ~/.ssh/config, so I only ever need input my password (and only if I don't have GSSAPI nor an authorized key setup, though I guess that's irrelevant to this discussion). I guess you could either paste the username elsewhere or into the password prompt and then clear it with Ctrl+Y?
That's not the issue I'm having. I want to load my username into the selection and, as soon as I paste it, load the password into the selection. AFAIK, pass doesn't allow me to do that. I would...
You can configure ~/.gnupg/gpg-agent.conf to expire gpg-agent's cache after some time:
default-cache-ttl 72000
max-cache-ttl 72000
That's not the issue I'm having. I want to load my username into the selection and, as soon as I paste it, load the password into the selection. AFAIK, pass doesn't allow me to do that. I would have to find some other way of detecting that the selection was pasted and use that in a wrapper script around pass.
What do you do for stuff that only needs a password?
I just use <username><password> for the password of my SSH keys and press Shift+Insert twice. But you could also bind mimir -v password to a different key, e.g. Mod4+p to paste username and password and Mod4+Shift+p to only paste the password.
I always liked the idea of
pass, but I never really understood how people use it. Do you never logout? Do you write a script that runspassfor the username and again for the password? But then how do you know when to run it the second time sincepassalways times out after a fixed number of seconds? I also didn't like that each entry was stored in a separate file and that the whole structutre was unencrypted.So, as a proper introvert, I didn't ask for help but instead wrote my own script that essentially grabs values by key from an encrypted text file and passes them to
xcliplike this:Each
xclipcommand blocks until the user pastes once and then clears the selection buffer. (The arguments don't make sense, but they are important.) I can pressShift+Insert Tab Shift+Insert Enteron login forms. Awesome!I've used this basic technique for many years now and it works well for me. Over the years, I've added and improved features and recently I started polishing it, which I'm now done with. (I even wrote tests!)
Neat tool, maybe I'll mess around with it later.
You can configure
~/.gnupg/gpg-agent.confto expire gpg-agent's cache after some time:For websites I use the Browserpass extension to fill login forms with Shift+Ctrl+F. For other logins I just run
pass whateverand copy/paste in the usual way. I know it's less secure to have your password hanging around in the paste buffer but like you, I always found the auto-timeout to be clunky.What do you do for stuff that only needs a password? For example with ssh, I have my username configured on a per-host basis in
~/.ssh/config, so I only ever need input my password (and only if I don't have GSSAPI nor an authorized key setup, though I guess that's irrelevant to this discussion). I guess you could either paste the username elsewhere or into the password prompt and then clear it with Ctrl+Y?That's not the issue I'm having. I want to load my username into the selection and, as soon as I paste it, load the password into the selection. AFAIK,
passdoesn't allow me to do that. I would have to find some other way of detecting that the selection was pasted and use that in a wrapper script aroundpass.I just use
<username><password>for the password of my SSH keys and pressShift+Inserttwice. But you could also bindmimir -v passwordto a different key, e.g.Mod4+pto paste username and password andMod4+Shift+pto only paste the password.