The 'pass' password manager uses gpg keys.
However, gpg itself can be used for symmetric encryption of files.
Does pass only work using public/private keys, or is it possible to use with symmetric encryption?
gpgpassword
The 'pass' password manager uses gpg keys.
However, gpg itself can be used for symmetric encryption of files.
Does pass only work using public/private keys, or is it possible to use with symmetric encryption?
Best Answer
The
pass
password manager requires a public key for encrypting its files (where the managed passwords are stored) - and it requires a private key to decrypt its files.It isn't possible to configure
pass
to use gpg's 'pure' symmetric file encryption (cf. the-c
or--symmetric
GPG options).This is due to the design of
pass
- using GPG's public key cryptography for file encryption/decryption allows for flexibility, e.g. for configuring multiple keys - say - such that a group of users has access to the managed passwords.Also note that GPG uses a hybrid scheme when encrypting a file for one or many recipients (i.e. using one or many public keys): it randomly generates a session key for the symmetric encryption of the file and then just uses the public key/keys to encrypt the session key.