dominikschulz
commented
2 years ago I'm afraid but that's not supported today. I haven't closely followed if age itself did add some kind of persistent agent support.
But gopass had it for a while until I realized that it might be insecure so instead of shipping something which might be dangerous I removed it.
We could make a new attempt, but we'll need to make some careful changes around that (e.g. who can talk to the agent, unlocked private key material should not leave the agent, ...). Also possibly issues w/ OS specific keychains.
maddovr
Summary
I want to use gopass with age as my auth-source for managing my email passwords. I use mbsync/msmtp to read and send emails locally and I passed
gopass mail/whateveras a command since the PassCmd option in both config accepts stdin and it works nicely, however age seems to forget the password every 5 minutes or so and I'm prompted with a pinentry dialog, which might be more secure but is bad UX since mbsync runs every 5 minutes to check for emails. Is there a solution to unlock age at login automatically (or just once per session?)Edit: Could I do the autounlock if I added an ssh key as a recipient and then dumped it into ssh-agent? Also would adding a recipient re-encrypt the whole store to use that key instead?