Page MenuHome GnuPG
Files F19741808

No OneTemporary
Actions

View Options

diff --git a/FAQ.md b/FAQ.md
index 1a9987b..a4cae38 100644
--- a/FAQ.md
+++ b/FAQ.md
@@ -1,151 +1,38 @@
# FAQ
## Issues
### Can't save a password
* Is folder initialised? Easiest way is to use the [Users] button
and make sure you can encrypt for someone (eg. yourself)
* Are you using git? If not, make sure it is switched off.
-### I have an issue with GNOME keyring
-
-* Disable GNOME keyring
-* Create a `~/.gnupg/gpg-agent.conf` containing:
-
-```yaml
-enable-ssh-support
-write-env-file
-use-standard-socket
-default-cache-ttl 600
-max-cache-ttl 7200
-```
-
-Also, the following is useful to add to
-your .bashrc if you are using Yubikey NEO on Ubuntu:
-
-```sh
-# OpenPGP applet support for YubiKey NEO
-if [ ! -f /tmp/gpg-agent.env ]; then
- killall gpg-agent;
- eval $(gpg-agent --daemon --enable-ssh-support > /tmp/gpg-agent.env);
-fi
-. /tmp/gpg-agent.env
-```
-
-* More info: [issue 60](https://github.com/IJHack/qtpass/issues/60) and [issue 73](https://github.com/IJHack/qtpass/issues/73)
-
### I don't get a passphrase / PIN dialog
* You'll need to install pinentry-qt (or -qt4 or -qt5 or even -gtk) and
possibly set the full path to that executable in your `~/.gnupg/gpg-agent.conf`
for example: `pinentry-program /usr/bin/pinentry-qt4`
* On some esotheric systems it might be necessary to create a symbolic
link `/usr/bin/pinentry` to your pinentry application of choice
eg: `ln -s /usr/bin/pinentry-qt5 /usr/bin/pinentry`
* On macOS `pinentry-program /usr/local/bin/pinentry-mac` works after installing `pinentry-mac` from homebrew.
-### I have an other issue with gpg
-
-* Possibly you have you key only in gpg and not in gpg2
-
-```bsh
-gpg --export [ID] > public.key
-gpg --export-secret-key [ID] > private.key
-gpg2 --import public.key
-gpg2 --import private.key
-rm public.key private.key
-```
-
-Where [ID] is your gpg key-id.
-
-* It might be the case where it is the other way around, exchange gpg and gpg2 accordingly . .
-
-### Git doesn't work on Windows
-
-git for Windows comes with an `ssh-askpass` compatible command, git `gui--askpass` (located in `/mingw64/libexec/git-core/git-gui--askpass` on PortableGit version, presumably some place similar for the installed version).
-
-### Git has issues with GPG SSH Authentication
-
-This tutorial might resolve your issues.
-<https://github.com/git-for-windows/git/wiki/OpenSSH-Integration-with-Pageant>
-
### Where is the configuration stored?
-QtPass tries to use the native config choice for the OS it's running.
+GnuPG Pass tries to use the native config choice for the OS it's running.
-* Linux and BSD: `$HOME/.config/IJHack/QtPass.conf`
-* macOS: `$HOME/Library/Preferences/com.IJHack.QtPass.plist`
-* Windows registry: `HKEY_CURRENT_USER\Software\IJhack\QtPass`
+* Linux and BSD: `$HOME/.config/GnuPG/GnuPGPass.conf`
+* Windows registry: `HKEY_CURRENT_USER\Software\GnuPG\GnuPGPass`
-These settings can be over-ruled by a `qtpass.ini` file in the folder where the application resides.
+These settings can be over-ruled by a `gnupgpass.ini` file in the folder where the application resides.
So called "portable config".
There are some things to take care of when trying to sync on some systems (especially OSX, with regards to text and binary .plist files).
More information: <http://doc.qt.io/qt-5/qsettings.html#platform-specific-notes>
-### Where can I ask for help?
-
-* Create an [issue](https://github.com/IJHack/qtpass/) issues on GitHub.
-* Send an email to [help@qtpass.org](mailto:help@qtpass.org)
-
### Can I import from KeePass, LastPass or X?
* Yes, check [passwordstore.org/#migration](https://www.passwordstore.org/#migration)
for more info.
-
-### I don't see icons on the buttons
-
-You do not have the Qt SVG library installed.
-Please install using your favorite package manager.
-
-### I get icons that do not fit my (X11) default
-
-* On some WindowManagers, Qt doesn't know what icon set to use. A trick:
-
-```sh
-export DESKTOP_SESSION=gnome
-```
-
-* Another possible reason is, that the currently installed Qt Version gives problems (e.g. on Linux Mint 17.3)
-Then you'll have to install the current version via your package manager or if this is not up-to-date,
-download it from <https://www.qt.io/download/> install it and run:
-
-```sh
-/PATHTOYOURQTINSTALLATION/5.5/gcc_64/bin/qmake
-make
-(sudo) make install
-```
-
-where `PATHTOYOURINSTALLATION` is the path you selected in the qt installer (default `/home/YOURUSER/Qt/` )
-and 5.5 has to be adapted for the Qt version you downloaded.
-
-### I don't like the design, what gives?
-
-* It's all on GitHub, clone, change and send a pull request.
-* Open an issue and point out defects or better yet propose changes.
-
-### QtPass is not in my native language
-
-* Unfortunately, QtPass might not support your native language, or the translations might be incomplete. Check if newer versions of QtPass support it.
-* If translations are available but aren't working, try to set the language manually (see below) or open an issue.
-
-### How do I set the language manually?
-
-QtPass uses the system language. Changing it depends on your system:
-
-* on Linux: ```LANGUAGE=fr qtpass``` will run QtPass in French.
-
-## How can I help improve QtPass?
-
-### I would like to donate
-
-* Time:
- * Read [contributing](CONTRIBUTING.md) documentation.
- * Fork, clone hack and send a pull request.
- * Find an [issue](https://github.com/IJHack/qtpass/issues) to work on..
- * Participate in our bug bounty, you submit an issue and help us
- fix it, I send you a bounty.
-* Money:
- * IJhack takes donations in [Bitcoin](https://blockchain.info/address/146dqz8zXn9iNZMv5s7JVqwZKjrmumHBfb)
diff --git a/README.md b/README.md
index 6ffd46c..9c28097 100644
--- a/README.md
+++ b/README.md
@@ -1,188 +1,87 @@
-# QtPass
-
-[![latest packaged version(s)](https://repology.org/badge/latest-versions/qtpass.svg)](https://repology.org/metapackage/qtpass)
-[![Build status](https://ci.appveyor.com/api/projects/status/9rjnj72rdir7u9eg/branch/master?svg=true)](https://ci.appveyor.com/project/annejan/qtpass/branch/master)
-[![Coverity scan](https://scan.coverity.com/projects/5266/badge.svg)](https://scan.coverity.com/projects/ijhack-qtpass)
-[![Coverage Status](https://coveralls.io/repos/github/IJHack/QtPass/badge.svg)](https://coveralls.io/github/IJHack/QtPass)
-[![codecov](https://codecov.io/gh/IJhack/QtPass/branch/master/graph/badge.svg)](https://codecov.io/gh/IJhack/QtPass)
-[![CodeFactor](https://www.codefactor.io/repository/github/ijhack/qtpass/badge)](https://www.codefactor.io/repository/github/ijhack/qtpass)
-[![Packaging status](https://repology.org/badge/tiny-repos/qtpass.svg)](https://repology.org/metapackage/qtpass)
-[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2FIJHack%2FQtPass.svg?type=shield)](https://app.fossa.io/projects/git%2Bgithub.com%2FIJHack%2FQtPass?ref=badge_shield)
-[![Translation status](https://hosted.weblate.org/widgets/qtpass/-/qtpass/svg-badge.svg)](https://hosted.weblate.org/engage/qtpass/?utm_source=widget)
-[![QMake Github Action](https://github.com/IJHack/QtPass/workflows/QMake/badge.svg)](https://github.com/IJHack/QtPass/actions)
-
-QtPass is a GUI for [pass](https://www.passwordstore.org/),
-the standard unix password manager.
+# GnuPG Password manager
## Features
-* Using `pass` or `git` and `gpg2` directly
* Configurable shoulder surfing protection options
-* Cross platform: Linux, BSD, macOS and Windows
* Per-folder user selection for multi recipient encryption
* Multiple profiles
* Easy onboarding
-Logo based on [Heart-padlock by AnonMoos](https://commons.wikimedia.org/wiki/File:Heart-padlock.svg).
-
## Installation
-### From package
-
-OpenSUSE & Fedora
-`yum install qtpass`
-`dnf install qtpass`
-
-Debian, Ubuntu and derivates like Mint, Kali & Raspbian
-`apt-get install qtpass`
-
-Arch Linux
-`pacman -S qtpass`
-
-Gentoo
-`emerge -atv qtpass`
-
-Sabayon
-`equo install qtpass`
-
-FreeBSD
-`pkg install qtpass`
-
-macOS
-`brew install --cask qtpass`
-
-Windows
-`choco install qtpass`
-
-[![Packaging status](https://repology.org/badge/vertical-allrepos/qtpass.svg)](https://repology.org/metapackage/qtpass)
-[![Translation status](https://hosted.weblate.org/widgets/qtpass/-/multi-auto.svg)](https://hosted.weblate.org/engage/qtpass/?utm_source=widget)
-
### From Source
#### Dependencies
-* QtPass requires Qt 5.10 or later (Qt 6 works too)
-* The Linguist package is required to compile the translations.
-* For use of the fallback icons the SVG library is required.
-
-At runtime the only real dependency is `gpg2` but to make the most of it, you'll need `git` and `pass` too.
+* GnuPG Password Manager requires Qt 5.15 or later (Qt 6 works too)
-Your GPG has to be set-up with a graphical pinentry when applicable, same goes for git authentication.
-On Mac macOS this currently seems to only work best with `pinentry-mac` from homebrew, although gpgtools works too.
+Your GnuPG has to be set-up with a graphical pinentry when applicable, same goes for git authentication.
On most unix systems all you need is:
```sh
-qmake && make && make install
+mkdir build && cd build && cmake .. && make && make install
```
## Using profiles
Profiles allow to group passwords. Each profile might use a different git repository and/or different gpg key.
A typical use case is to separate personal and work passwords.
> **Hint**<br>
> Instead of using different git repositories for the various profiles passwords could be synchronized with different
> branches from the same repository. Just clone the repository into the profile folders and checkout the related
> branch.
-### Example
-
-The following commands set up two profile folders:
-
-```sh
-cd ~/.password-store/
-git clone https://github.com/vendor/personal-passwords personal && echo "personal/" >> .gitignore
-git clone https://github.com/company/group-passwords work && echo "work/" >> .gitignore
-pass init -p personal [personal GnuPG-ID] && git -C personal push
-pass init -p work [work GnuPG-ID] && git -C work push
-```
-
-**Note:**
-
-* Replace `[personal GnuPG-ID]` and `[work GnuPG-ID]` with the ID from the related GnuPG key.
-* The parts `echo ... >> .gitignore` are just needed in case there is a git repository present in the base directory.
-
-Once the repositories and GnuPG-ID's have been defined the profiles can be set up in QtPass.
-
### Links of interest
* [Git Tools - Credential Storage](https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage)
* [Dealing with secrets](https://gist.github.com/maelvls/79d49740ce9208c26d6a1b10b0d95b5e)
* [Git Credential Manager](https://github.com/GitCredentialManager/git-credential-manager)
* [password-store](https://git.zx2c4.com/password-store/about/)
-## Testing
-
-This is done with `make check`
-
-Codecoverage can be done with `make lcov`, `make gcov`, `make coveralls` and/or `make codecov`.
-
-Be sure to first run: `make distclean && qmake CONFIG+=coverage qtpass.pro`
-
## Security considerations
Using this program will not magically keep your passwords secure against
compromised computers even if you use it in combination with a smartcard.
It does protect future and changed passwords though against anyone with access to
your password store only but not your keys.
Used with a smartcard it also protects against anyone just monitoring/copying
all files/keystrokes on that machine and such an attacker would only gain access
to the passwords you actually use.
Once you plug in your smartcard and enter your PIN (or due to CVE-2015-3298
even without your PIN) all your passwords available to the machine can be
decrypted by it, if there is malicious software targeted specifically against
it installed (or at least one that knows how to use a smartcard).
To get better protection out of use with a smartcard even against a targeted
attack I can think of at least two options:
* The smartcard must require explicit confirmation for each decryption operation.
Or if it just provides a counter for decrypted data you could at least notice
an attack afterwards, though at quite some effort on your part.
* Use a different smartcard for each (group of) key.
* If using a YubiKey or U2F module or similar that requires a "button" press for
other authentication methods you can use one OTP/U2F enabled WebDAV account per
password (or groups of passwords) as a quite inconvenient workaround.
Unfortunately I do not know of any WebDAV service with OTP support except ownCloud
(so you would have to run your own server).
## Known issues
* Filtering (searching) breaks the tree/model sometimes
* Starting without a correctly set password-store folder
gives weird results in the tree view
-## Planned features
-
-* Plugins based on field name, plugins follow same format as password files
-* Colour coding folders (possibly disabling folders you can't decrypt)
-* Optional table view of decrypted folder contents
-* Opening of (basic auth) URLs in default browser?
- Possibly with helper plugin for filling out forms?
-* WebDAV (configuration) support
-* Some other form of remote storage that allows for
- accountability / auditing (web API to retrieve the .gpg files?)
-
-## Further reading
-
-[FAQ](FAQ.md) and [CONTRIBUTING](CONTRIBUTING.md) documentation.
-[CHANGELOG](CHANGELOG.md)
-
-[Site](https://qtpass.org/)
-[Source code](https://github.com/IJHack/qtpass)
-[Issue queue](https://github.com/IJHack/qtpass/issues)
-[Chat](https://gitter.im/IJHack/qtpass)
-
## License
### GNU GPL v3.0
[![GNU GPL v3.0](http://www.gnu.org/graphics/gplv3-127x51.png)](http://www.gnu.org/licenses/gpl.html)
View official GNU site <http://www.gnu.org/licenses/gpl.html>.
[![OSI](http://opensource.org/trademarks/opensource/OSI-Approved-License-100x137.png)](https://opensource.org/licenses/GPL-3.0)
[View the Open Source Initiative site.](https://opensource.org/licenses/GPL-3.0)

File Metadata

Mime Type
text/x-diff
Expires
Sat, Feb 1, 9:15 AM (1 d, 7 h)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
b4/70/5f6c70b70315e72934a80ceb9f57

Event Timeline