4

I've setup up Pass with a GPG key. That key expires at some point in the future. In preparation for this event, how would I update Pass to use a new Key? Do I just manually update the key id and password file that Pass uses?

shusson
  • 181
  • 8
  • 1
    the man page describes ~/.password-store/.gpg-id have you tried looking in there for clues? I don't know this utility, never used it. but that's where i would start. – Nalaurien Jun 09 '17 at 01:41
  • yeah that was my first stop, it's not clear to me how to update the key. – shusson Jun 09 '17 at 01:46
  • nvm it was in the man page all along. – shusson Jun 09 '17 at 01:53
  • glad you got it sorted :) hah, yeah its in the text for the first item, looked over it the first time cuz i thought it was only for initialization. – Nalaurien Jun 09 '17 at 01:55

2 Answers2

4

After looking closer at the man page you can update the public encryption key with:

pass init [ --path=sub-folder, -p sub-folder ] new-gpg-id
shusson
  • 181
  • 8
3

Alternatively, you can simply extend the key's validity period by running gpg --edit-key <key-id>. Anyway, key expiry dates don't really add additional security.

Jens Erat
  • 23,816
  • 12
  • 75
  • 96