gopass-ui icon indicating copy to clipboard operation
gopass-ui copied to clipboard

Published 20 hours ago verified publisher icon codecentric

gopass-UI fails to use encryption subkey

Open ghost opened this issue 4 years ago • 2 comments

Mac OS 10.14 gopass CLI correctly encrypts & decrypts using my Encryption subkey, but gopass-UI seizes upon the master key, which was "removed" during GPG key creation. Here listed are my keys:

➜ ~ gpg --list-secret-keys /Users/herk/.gnupg/pubring.kbx

sec# rsa4096 2020-05-16 [C] B632FAE4E38007F7E0EAC765977BFD885398E03D uid [ultimate] Rexford Gibbs [email protected] uid [ultimate] RJ Gibbs [email protected] ssb rsa4096 2020-05-16 [S] ssb rsa4096 2020-05-16 [E] ssb rsa4096 2020-05-16 [A]

The hash char (#) after the first key, sec#, indicates that the master key is offline.

Can gopass-UI be configured to use the encryption subkey ssb rsa4096 2020-05-16 [E]?

Thanks. Rexford Gibbs

ghost avatar May 17 '20 11:05 ghost

Hi @HerkOHerk

thanks for contributing. Under the hood we are simply calling the gopass cli like „gopass sync“. (See https://github.com/codecentric/gopass-ui/blob/master/src/renderer/secrets/Gopass.ts)

How do you use the CLI?

Best regards Matthias

ruettenm avatar May 17 '20 18:05 ruettenm

Hi, Matthias.

To first test the gpg encryption/decryption I run this:

Simple GPG-Key Test ————————— #1 - A Clear Text Document: ➜ ~ echo 'pseudo-password' > doc #2 - Encrypt: ➜ ~ gpg -c --armor --cipher-algo AES256 --output ~/doc.gpg ~/doc #3 - Decrypt: ➜ ~ gpg -q --for-your-eyes-only -d ~/doc.gpg pseudo-password

Then I test the gopass CLI as follows:

➜ ~ gopass insert personal/email-pw Enter password for personal/email-pw: Retype password for personal/email-pw: ➜ ~ ➜ ~ gopass show personal/email-pw SeanPapa2017

I also tried qtpass, and it had the same problem: could not decrypt secrets.

Regards.

Herk On May 18, 2020, 1:38 AM +0700, Matthias Rütten [email protected], wrote:

Hi @HerkOHerk thanks for contributing. Under the hood we are simply calling the gopass cli like „gopass sync“. (See https://github.com/codecentric/gopass-ui/blob/master/src/renderer/secrets/Gopass.ts) How do you use the CLI? Best regards Matthias — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or unsubscribe.

ghost avatar May 17 '20 23:05 ghost