I'm interested in this, what do you use to host the git repo? Just a private repo on something like github or your own server? How do you backup your private key?
I'm interested in this, what do you use to host the git repo? Just a private repo on something like github or your own server? How do you backup your private key?
I also use pass. Any forge you feel like is fine (I use gitlab). I backup my gpg key with `gpg —export-owner-trust` and store that backup elsewhere.
Pass has a pretty good ecosystem of plugins/other clients, as well. There are open source iOS/Android clients and browser extensions so once you’re setup the day-to-day experience is not far off from any of the popular hosted password managers.
My only real issue is the dependency on gpg, as it’s pretty long in the tooth and a hassle to operate. (If you are not comfortable using gpg, spend some time learning that before you go all-in on pass!) There’s a fork[1] which swaps gpg for age, but it hasn’t attracted enough attention to get a similar ecosystem of mobile clients/browser extensions, so it’s not a very practical choice IMHO.
[1]: https://github.com/FiloSottile/passage
It's next-to-impossible to implement pass on every device everywhere and have all the same features on each client without reimplementing all of GnuPG. It pushes a lot on to GnuPG.
God help you if you want to use the PGP applet on a Yubikey or smartcard. The pieces all exist, but wiring them all up in a mobile app is hard and the result is janky.
I don't think Age will catch on as a replacement until it has a gpg-agent equivalent to facilitate access.
I run Gitea on my own server. (I didn't switch to Forgejo because it's not in the Debian repositories.) I don't have a backup of my private key... I should do that.