The gist of it is that you need a keypair (a public and private key), which GPG can generate for you.
Then whenever you insert something into the `pass` database (which is just a directory tree full of encrypted plaintext files) the tool uses the public key to encrypt the password (or anything else):
pass generate --no-symbols shopping/ebay 16
Later, when you want to read a password, you ask pass to decrypt the file using the private key from your keypair:
pass shopping/ebay 16
The difficulty is really all in managing the keys, which can be quite a faff to set up and then manage.
If you're only using gpg for `pass`, IMO it's easiest to copy the keypair (which gpg generated) to all your other machines.
A quick web search brought up a gist [0] which shows how to quickly get up and running on a single machine.
If you want to use it on another laptop/desktop/*nix-like machine you'll need to export both your public and private gpg keys and then import them on the other machine.
When using a phone you have to do something similar. The Android clients were fairly straightforward, but Pass for iOS had a very, very clunky way of getting the keys across.
Regardless, it boils down to this: get the gpg keypair on all of the devices and then get them all using the same git repo for pass.
Then whenever you insert something into the `pass` database (which is just a directory tree full of encrypted plaintext files) the tool uses the public key to encrypt the password (or anything else):
Later, when you want to read a password, you ask pass to decrypt the file using the private key from your keypair: The difficulty is really all in managing the keys, which can be quite a faff to set up and then manage. If you're only using gpg for `pass`, IMO it's easiest to copy the keypair (which gpg generated) to all your other machines.A quick web search brought up a gist [0] which shows how to quickly get up and running on a single machine.
If you want to use it on another laptop/desktop/*nix-like machine you'll need to export both your public and private gpg keys and then import them on the other machine. When using a phone you have to do something similar. The Android clients were fairly straightforward, but Pass for iOS had a very, very clunky way of getting the keys across. Regardless, it boils down to this: get the gpg keypair on all of the devices and then get them all using the same git repo for pass.
[0]: https://gist.github.com/flbuddymooreiv/a4f24da7e0c3552942ff