Secure WSL2 Credentials with pass, GnuPG, and Kleopatra
Here is the complete Markdown article for your setup. It includes the updated path logic and the switch to pipx for better tool isolation. This guide walks you through a “hardened” credential setup: storing secrets in the Linux-native pass utility within WSL2, while leveraging Gpg4win/Kleopatra on Windows to handle secure graphical passphrase prompts. Why this setup? Safety: Secrets are encrypted at rest with GnuPG. Convenience: Uses the Windows GUI (Kleopatra) for passphrase entry. More robust than other pinentry setup, especially when you use pgp keys for different applications, such as magit on emacs -nw or sbt publishSigned, that asks passphrases in an async interactive session of a shell. 1. Prerequisites Windows: Gpg4win installed (includes Kleopatra). WSL2: A Linux distro (e.g., Ubuntu) installed. 2. Generate Your GPG Key Pair Before using pass, you need a GPG key pair to encrypt your secrets. Generate the key: ...