https://kazuf3.nicheapplab.com/categories/credential-management/ Recent content in Credential Management on Blog https://kazuf3.nicheapplab.com/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E https://kazuf3.nicheapplab.com/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E Hugo en-us Wed, 06 May 2026 10:04:41 -0700 https://kazuf3.nicheapplab.com/posts/use-of-pass-and-kleopatra/ Wed, 06 May 2026 10:04:41 -0700 https://kazuf3.nicheapplab.com/posts/use-of-pass-and-kleopatra/ <p>Here is the complete Markdown article for your setup. It includes the updated path logic and the switch to pipx for better tool isolation.</p> <p>This guide walks you through a &ldquo;hardened&rdquo; credential setup: storing secrets in the Linux-native pass utility within WSL2, while leveraging Gpg4win/Kleopatra on Windows to handle secure graphical passphrase prompts.</p> <h2 id="why-this-setup">Why this setup?</h2> <ul> <li>Safety: Secrets are encrypted at rest with GnuPG.</li> <li>Convenience: Uses the Windows GUI (Kleopatra) for passphrase entry.</li> <li>More robust than other pinentry setup, especially when you use pgp keys for different applications, such as magit on <code>emacs -nw</code> or <code>sbt publishSigned</code>, that asks passphrases in an async interactive session of a shell.</li> </ul> <hr> <h2 id="1-prerequisites">1. Prerequisites</h2> <ol> <li>Windows: <a href="https://www.gpg4win.org/">Gpg4win</a> installed (includes Kleopatra).</li> <li>WSL2: A Linux distro (e.g., Ubuntu) installed.</li> </ol> <hr> <h2 id="2-generate-your-gpg-key-pair">2. Generate Your GPG Key Pair</h2> <p>Before using pass, you need a GPG key pair to encrypt your secrets. Generate the key:</p>