blob: 11221c39d9dfded051365b32239a2522d5dda02b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
#!/bin/bash
#
# Initalizes various identity management programs
#
# Must be run with bash (or probably any other shell that is not narrowly posix-compliant)
# to use here-string redirection
# Cache passphrase for gpg key in gpg-agent which is stored in KeePassXC
# Caching the GPG passphrase will allow access to pass without user input
#
# gpg-agent must be started with --allow-preset-passhprase or have it in the config file
# gpg-preset-passphrase respects gpg-agent's --max-cache-ttl option which defaults to 2 hours
# you may want to increase that if you want the password to be cached for the whole session
get_pass() {
continue=1
while [ $continue -eq 1 ]
do
keepassxc-cli show $XDG_CONFIG_HOME/keepassxc/Passwords.kdbx -a Password GPG
continue=$?
done
}
KEYGRIP="$(gpg -K --with-keygrip --with-colons | grep grp | tail -n 1 | cut -d':' -f10)"
/usr/lib/gnupg/gpg-preset-passphrase --preset $KEYGRIP <<< "$(get_pass)"
# Open graphical KeePassXC with password stored in pass, now that pass can be accessed
# without entering credentials for the GPG key
# This will also add SSH keys to ssh-agent
keepassxc $XDG_CONFIG_HOME/keepassxc/Passwords.kdbx --pw-stdin <<< "$(pass keepassxc)"
|