I use pass(1), AKA "password-store" as my password manager. I like it for a
number of reasons:
* It is a command line program. The command line is my preferred
environment, and it works on headless machines.
* It is a neat tool that does one thing and does it right. No frills.
It adds convenience to a bunch of operations that I could do by hand.
* It is easy to understand how it works. The resulting database is a
hierarchy of individually encrypted files, that can be opened with a plain
gpg command, even if pass(1) is not installed.
* It can be even used as a hierarchical, private note-taking application.
So far I never used the git integration feature. I've decided to
evaluate it while I'm migrating the password store to my new GPG key.
So far I'm positively impressed.
The process is well documented in the manpages. In a nutshell, it boils down
to invoking `pass git init`. Every modification to the password store
will be committed individually. There's no need for a tutorial, as the
documentation already provides useful examples.
I'm pleased to notice how the authors cared for little details, such as
defining a `textconv` command for the gpg diff driver (see git-config(1),
diff.<driver>.textconv). This allows to look at the commit history in
plaintext, provided that you've got the private key to which the password store
was encrypted.
It is important to notice that such settings are applied in the
git/config file, which is not tracked with git. If a password store
is cloned fresh, it should be re-initiated with `pass git init`.
