The 'pass' password manager uses gpg keys.
However, gpg itself can be used for symmetric encryption of files.
Does pass only work using public/private keys, or is it possible to use with symmetric encryption?
‘Pass’ password manager – does it require public key
gpgpassword
Best Answer
The
passpassword manager requires a public key for encrypting its files (where the managed passwords are stored) - and it requires a private key to decrypt its files.It isn't possible to configure
passto use gpg's 'pure' symmetric file encryption (cf. the-cor--symmetricGPG options).This is due to the design of
pass- using GPG's public key cryptography for file encryption/decryption allows for flexibility, e.g. for configuring multiple keys - say - such that a group of users has access to the managed passwords.Also note that GPG uses a hybrid scheme when encrypting a file for one or many recipients (i.e. using one or many public keys): it randomly generates a session key for the symmetric encryption of the file and then just uses the public key/keys to encrypt the session key.