Replies: 3 comments 4 replies
-
This is exactly what the mounts feature of gopass was designed for. We don't encrypt the names of secrets so you might not want to make your password store repos completley public. We have initially used gopass in the exact same setting like you describe above. |
Beta Was this translation helpful? Give feedback.
-
This should be done at the Git level, in my opinion, but you cannot prevent the company administrator to add their own public key to any store if they have access (but an user could notice an extra key being added during sync). Here is the way I would set it up:
Example commands to achieve this using age (with GPG it would be the same, and you could use yubikeys or hardware token for extra security):
@dominikschulz BTW, any idea why it says "missing public key" here? |
Beta Was this translation helpful? Give feedback.
-
In our case, we'd like to centralize the stores to reduce operation load for each team and reach a certain level of consistency. Is there a way to have multiple stores in one git repo? Or is there a way to make a git folder as a "remote" of a store? e.g. |
Beta Was this translation helpful? Give feedback.
-
Is it possible to use gopass to store groups secrets?
Best I can do to explain is to present my use case:
Beta Was this translation helpful? Give feedback.
All reactions