gaschz/qubes-pass
1
0
Fork 0
mirror of https://github.com/gaschz/qubes-pass.git synced 2025-06-07 01:38:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Document behavioral changes.

Browse Source
This commit is contained in:
Manuel Amador (Rudd-O) 2019-07-10 00:46:47 +00:00
parent b98d1f7857
commit aec1cd9572
1 changed files with 13 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
README.md
View File

@ -34,6 +34,10 @@ These instructions assume you have installed the software. See the
Step 1: decide which VM you'll use to manage passwords, and which Step 1: decide which VM you'll use to manage passwords, and which
VM you'll use to store passwords in. VM you'll use to store passwords in.
In the password store VM, make sure that the GPG key you'll use to
encrypt the pass store is available there. Make a note of the GPG
ID of that key.
In the password manager VM, create the file `/rw/config/pass-split-domain` In the password manager VM, create the file `/rw/config/pass-split-domain`
and add the name of the password store VM as the first and only and add the name of the password store VM as the first and only
line of the file. line of the file.
@ -41,20 +45,20 @@ line of the file.
Now, from the password manager VM, run the command: Now, from the password manager VM, run the command:
``` ```
qvm-pass init qvm-pass init <GPG key ID available in the password store VM>
``` ```
This step will create the necessary GPG keys and password store database This step will initialize the password store database in the password store
in the password store VM. You'll receive a Qubes policy prompt asking VM. You'll receive a Qubes policy prompt asking you whether to allow your
you whether to allow your password manager VM to access `ruddo.PassManage` password manager VM to access `ruddo.PassManage` — it is safe to say yes.
— it is safe to say yes. You will then receive a password prompt from You will then receive a confirmation that the pass store has been created
GPG, confirming the creation of the key and the password that, in the and is encrypting keys with the specified GPG key ID.
future, will be used to encrypt and access the password store.
Note: don't forget to back your password store VM up regularly! Note: don't forget to back your password store VM up regularly!
Both your GPG ID and your encrypted passwords are there.
At this point, you are ready to `list`, `insert` and run other operations At this point, you are ready to list, `insert` and run other operations
in your password store VM. `list` and `get` operations will use the in your password store VM. list and get operations will use the
service `ruddo.PassRead`, while management operations will use the service `ruddo.PassRead`, while management operations will use the
service `ruddo.PassManage`, which allows you to set different policies service `ruddo.PassManage`, which allows you to set different policies
for different VMs based on what you want these VMs to be able to do with for different VMs based on what you want these VMs to be able to do with