GNU bug report logs -
#67937
30.0.50; auth-source-pass relies on epa-file being enabled
Previous Next
Full log
View this message in rfc822 format
> From: Arsen Arsenović <arsen <at> aarsen.me>
> Cc: 67937 <at> debbugs.gnu.org
> Date: Wed, 20 Dec 2023 20:58:08 +0100
>
> > How can it decrypt the string when you disable decryption? What is
> > the replacement of epa-file that would decrypt the data string?
>
> Even with epa-disable, it could use epa-decrypt-region to decrypt the
> password from the file.
>
> For some context, I'll briefly summarize how password-store (pass)
> works: pass stores credentials as one line representing the secret and
> the rest being aux data (usually usernames and similar) in each file.
> One file represents one set of credentials, encrypted via PGP (an
> example filename is
> ~/.password-store/gentoo/gentoo.org/arsen <at> gentoo.org.gpg).
>
> To get a given password from a given password store entry,
> auth-source-pass needs to decrypt this file and get the first line of
> the decrypted contents.
>
> Currently, auth-source-pass relies on epa-file facilities to decrypt the
> password entries, but those do nothing after epa-file-disable. Instead,
> it should use something like epa-decrypt-region or such (sorry, not too
> familiar with EasyPG).
>
> AIUI, epa-file-disable disables *automatic* decryption, not all forms of
> decryption.
Thanks. So it sounds like you are asking for a feature that currently
doesn't exist, AFAIU. I added a couple of people to this discussion
who were involved with auth-source-pass, in the hope that they will
have suggestions and comments.
This bug report was last modified 206 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.