26Haz
Passing password through terminal when using pass + gpg
I'm planning to use the pass to store passwords for a web service. My service will need to store passwords for many database servers. So my idea is store these passwords with the Linux pass command. I created a class in typescript that invokes the command with the show option. I configured gpg to use pinentry-tty instead of the graphical dialog to ask for the password so I can pass the password by stdin now. Is this secure? There is any issue using this method. For example, it is possible for other process to log my entry. If sudo command receives a password from the standard input, how can I achieve the same?