You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
keepmenu can already read keepass databases, so implementation of this should be trivial. We probably don't need to spin up a daemon for this and should forego caching altogether.
Rationale: software like mutt or weechat allow you to specify commands to decrypt data that can be used for passphrase purposes (SMTP/POP3/IMAP/IRC auth, certificate decryption, etc.). Typically you would use plain gpg for this: gpg --batch -q --decrypt ~/.config/mutt/master.gpg. Or a password manager like pass: pass show weechat/passphrase. This forces to either use another password manager or different encrypted files, which promotes secret sprawl.
This way all secrets can be kept in one database and retrieved by the same tool.
The proposal is to add -s/--show "mode" with an argument to display a password entry at the specified path. This can be extended to other fields, but I think just the password entry could be a good start.
The text was updated successfully, but these errors were encountered:
keepmenu can already read keepass databases, so implementation of this should be trivial. We probably don't need to spin up a daemon for this and should forego caching altogether.
Rationale: software like
mutt
orweechat
allow you to specify commands to decrypt data that can be used for passphrase purposes (SMTP/POP3/IMAP/IRC auth, certificate decryption, etc.). Typically you would use plaingpg
for this:gpg --batch -q --decrypt ~/.config/mutt/master.gpg
. Or a password manager likepass
:pass show weechat/passphrase
. This forces to either use another password manager or different encrypted files, which promotes secret sprawl.Furthermore, solving this will unlock usage in software like chezmoi for secret retrieval: https://www.chezmoi.io/reference/templates/secret-functions/secret/. Maybe it'll deserve its own function for chezmoi in the future.
This way all secrets can be kept in one database and retrieved by the same tool.
The proposal is to add
-s
/--show
"mode" with an argument to display a password entry at the specified path. This can be extended to other fields, but I think just the password entry could be a good start.The text was updated successfully, but these errors were encountered: