Pass zx2c4 and PassFF for WSL2 Windows
source link: https://fishlive.org/en/blog-tech-art/pass-zx2c4-and-passff-for-wsl2-windows
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Pass zx2c4 and PassFF for WSL2 Windows
23rd Jun 2021
The article describes installation process of pass zx2c4 and browser intergration passFF from WSL2 on Windows platform. This approach can ensure correct structure of password storage which can include chars which are not possible use in the filename system on windows. There are much more several reasons why handle pass
inside the WSL Linux system and externalize just connection to passFF and external calling by wsl pass
command.
Windows:
-
install WSL2 Ubuntu 20.04 LTS in powershell:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux choco install wsl-ubuntu-2004
start and update ubuntu 20.04,
sudo apt update
,sudo apt upgrade
-
Change distribution by WSL commands:
https://docs.microsoft.com/en-us/windows/wsl/wsl-config
wsl -l
wsl -s Ubuntu-20.04
wsl lsb_release -a
WSL:
-
Install pass and your linux storage in wsl:
sudo apt install pass git qrencode xclip
-
Import your gpg keys:
gpg --import /mnt/c/Users/user/Downloads/privkey.asc gpg --import /mnt/c/Users/user/Downloads/gpg-public.key
change trust to ultimate (necessary for pass):
gpg --edit-key <KEY-ID> type cmds: trust, choose 5, Y/save, quit
-
Clone your password-store git to new destination:
git clone ssh://git@<SERVER>:<PORT>/<PSSWORD-STORE-PROJECT>.git ~/.password-store
or create new one password-storage by standard commands:
pass init
pass git init
pass git remote add origin ssh://git@<SERVER>:<PORT>/<PSSWORD-STORE-PROJECT>.git
Sign and push supports settings:
pass git config --global user.email "<YOUR-EMAIL>"
pass git config --global user.name "<YOUR-NAME>"
pass git config --global user.signingkey <YOUR-GPG-KEY-ID>
Finally, test it from powershell or cmder:
wsl pass
Run PASSFF in Firefox and Chrome
from WSL:
curl -sSL github.com/passff/passff-host/releases/latest/download/install_host_app.sh | bash -s -- firefox
curl -sSL github.com/passff/passff-host/releases/latest/download/install_host_app.sh | bash -s -- chrome
FYI the are installed to:
/home/<user>/.mozilla/native-messaging-hosts
/home/<user>/.config/google-chrome/NativeMessagingHosts
And on Windows, install passff-host too!
git clone [email protected]:passff/passff-host.git
c:\Users\<user>\git\github\passff-host\src\install_host_app.bat firefox --local
c:\Users\<user>\git\github\passff-host\src\install_host_app.bat chrome --local
GPG PASSPHRASE Dialog Solution
There is problem that external commands from windows cannot show passphrase dialog which is inside the wsl, if the command line is not started.
So, you can change the ttl time to 8h:
In your ~/.gnupg/gpg-agent.conf file, add the following:
default-cache-ttl 28800
max-cache-ttl 28800
Clear cache for fast testing: gpg-connect-agent reloadagent /bye
GPG PASSPHRASE Dialog Solution 2 (better choice)
Usage the pinentry from several ways. There is just one example with very nice small git project with powershell dialog.
https://github.com/diablodale/pinentry-wsl-ps1
TRICK! Use git clone command not from Windows! but from linux path, because it keeps correct EOL etc.
It means: git clone https://github.com/diablodale/pinentry-wsl-ps1 /mnt/c/Users/<user>/git/github/pinentry-wsl-ps1
in ~/.gnupg/gpg-agent.conf add line:
pinentry-program /mnt/c/Users/<user>/git/github/pinentry-wsl-ps1/pinentry-wsl-ps1.sh
PASSFF-HOST TRICK
Now needs hack, because "wsl" command cannot be started from passff-host, direct full path has to be used instead of wsl command!
So, edit passff.bat
in installed folder:
c:\Users\<user>\AppData\Roaming\passff\passff.bat
Change content by calling directly ubuntu 20.04, python3 inside and your internal passff.py which see the internal pass.
Content of c:\Users\<user>\AppData\Roaming\passff\passff.bat
(firefox passff variant):
@ECHO OFF
"C:\Users\<user>\AppData\Local\Microsoft\WindowsApps\ubuntu2004.exe" run "/usr/bin/python3" "/home/<user>/.mozilla/native-messaging-hosts/passff.py" %*
Finally:
Install Passff extension for your Firefox.
Test it!
DONE!
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK