3

I'm started to use unix password manager Pass

Some passwords are not critical to me and I'm using them very often

So it's became very annoying to me to type passphrase to get some password.

Is there a way to type passphrase only once?

megas
  • 171
  • 7
  • 2
    Please [edit] your question and clarify. What operating system are you using? Who asks for the password? Is it `sudo`? Is it `pass` itself? – terdon Dec 07 '15 at 14:58
  • 1
    The underlying encryption software used by `pass` is `gpg`. So your question is really a `gpg` question, how do you cache your password. – hymie Dec 07 '15 at 15:31
  • What is the scenario for this 'Is there a way to type password only once?' – MichaelJohn Dec 07 '15 at 17:25

2 Answers2

2

This is the intended functionality: you want to be prompted for a passphrase when you access encrypted material.

You can, however, as a trade off between security and convenience, cache your passphrase in an agent running as a daemon. This enables you to be prompted for the passphrase once, authenticate, and then for the credential to be held in memory for a specified and configurable amount of time so that subsequent requests within that time frame are handed to the agent.

There are a number of applications that handle this: gpg-agent ships with GPG. Or you could use keychain or Envoy, both of which manage SSH and GPG keys.

You can start these agents when you login, the Arch Wiki has the details.

jasonwryan
  • 71,734
  • 34
  • 193
  • 226
1

hymie is right, the question is related to gpg.

The solution is tricky for me, so here's one for OSX:

  1. Install pinentry-mac

    brew install pinentry-mac

  2. Create file ~/.gnupg/gpg-agent.conf with lines:

    pinentry-program /usr/local/bin/pinentry-mac

    default-cache-ttl 86400

    max-cache-ttl 86400

  3. When pinentry program requires a passphrase, check box to keep this passphrase

megas
  • 171
  • 7