This article describes how to install pass (zx2c4) and the passFF browser integration in WSL2 on Windows. This approach preserves the correct structure of the password store, which can include characters that are not allowed in file names on Windows. There are several more reasons to handle pass inside the WSL Linux system and to expose only the connection to passFF and external calls through the wsl pass command.
Windows:
Install WSL2 Ubuntu 20.04 LTS in PowerShell:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
choco install wsl-ubuntu-2004
Start Ubuntu 20.04 and update it:
sudo apt update
sudo apt upgrade
Change the distribution with the WSL commands:
https://docs.microsoft.com/en-us/windows/wsl/wsl-config
wsl -l
wsl -s Ubuntu-20.04
wsl lsb_release -a
WSL:
Install pass and set up your Linux password store in WSL:
sudo apt install pass git qrencode xclip
Import your gpg keys:
gpg --import /mnt/c/Users/user/Downloads/privkey.asc
gpg --import /mnt/c/Users/user/Downloads/gpg-public.key
Change the trust to ultimate (necessary for pass):
gpg --edit-key <KEY-ID>
At the gpg prompt, type the commands: trust, choose 5, Y/save, quit
Clone your password-store git repository to the new destination:
git clone ssh://git@<SERVER>:<PORT>/<PASSWORD-STORE-PROJECT>.git ~/.password-store
Or create a new password store with the standard commands (pass init needs the ID of the GPG key to encrypt to):
pass init <YOUR-GPG-KEY-ID>
pass git init
pass git remote add origin ssh://git@<SERVER>:<PORT>/<PASSWORD-STORE-PROJECT>.git
Settings to support signing and pushing:
pass git config --global user.email "<YOUR-EMAIL>"
pass git config --global user.name "<YOUR-NAME>"
pass git config --global user.signingkey <YOUR-GPG-KEY-ID>
Finally, test it from PowerShell or cmder:
wsl pass
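Install passff-host from WSL (fetch the installer over https so the script piped into bash is not requested over plain HTTP first):
curl -sSL https://github.com/passff/passff-host/releases/latest/download/install_host_app.sh | bash -s -- firefox
curl -sSL https://github.com/passff/passff-host/releases/latest/download/install_host_app.sh | bash -s -- chrome
FYI, they are installed to: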
/home/<user>/.mozilla/native-messaging-hosts
/home/<user>/.config/google-chrome/NativeMessagingHosts
And on Windows, install passff-host too!
git clone git@github.com:passff/passff-host.git
c:\Users\<user>\git\github\passff-host\src\install_host_app.bat firefox --local
c:\Users\<user>\git\github\passff-host\src\install_host_app.bat chrome --local
There is a problem: external commands from Windows cannot show the passphrase dialog, which is inside WSL, if the command line is not started.
So you can change the cache TTL to 8 h.
In your ~/.gnupg/gpg-agent.conf file, add the following:
default-cache-ttl 28800
max-cache-ttl 28800
Clear the cache for fast testing: gpg-connect-agent reloadagent /bye
Pinentry can be provided in several ways. Here is just one example, a very nice small git project that uses a PowerShell dialog:
https://github.com/diablodale/pinentry-wsl-ps1
TRICK! Run the git clone command from the Linux side, not from Windows, because it keeps the correct EOL etc.
That means: git clone https://github.com/diablodale/pinentry-wsl-ps1 /mnt/c/Users/<user>/git/github/pinentry-wsl-ps1
In ~/.gnupg/gpg-agent.conf add the line:
pinentry-program /mnt/c/Users/<user>/git/github/pinentry-wsl-ps1/pinentry-wsl-ps1.sh
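An added example (not part of the original article): a small shell check for the gpg-agent.conf settings above. It reports how long a cached passphrase survives without use, falling back to gpg-agent's built-in defaults (600 s and 7200 s) when a line is missing, and checks that the pinentry-program path is executable. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the article: check the gpg-agent.conf settings above.

# conf_value OPTION FILE DEFAULT: print OPTION's argument, or DEFAULT if unset.
# Assumption: when an option is repeated, the last occurrence is used.
conf_value() {
    val=$3
    cr=$(printf '\r')
    [ -r "$2" ] || { printf '%s\n' "$val"; return 0; }
    while read -r key rest || [ -n "$key" ]; do
        rest=${rest%"$cr"}          # tolerate CRLF from Windows-side editing
        if [ "$key" = "$1" ] && [ -n "$rest" ]; then val=$rest; fi
    done < "$2"
    printf '%s\n' "$val"
}

# idle_window FILE: seconds without use after which the passphrase is asked again.
# default-cache-ttl is an idle timer; max-cache-ttl is an absolute cap on it.
idle_window() {
    idle=$(conf_value default-cache-ttl "$1" 600)   # gpg-agent built-in default
    max=$(conf_value max-cache-ttl "$1" 7200)       # gpg-agent built-in default
    if [ "$idle" -gt "$max" ]; then echo "$max"; else echo "$idle"; fi
}

# pinentry_ok FILE: succeed if pinentry-program is set and the file is executable.
pinentry_ok() {
    prog=$(conf_value pinentry-program "$1" "")
    [ -n "$prog" ] && [ -x "$prog" ]
}

# Constructed sample: only default-cache-ttl is raised, file saved with CRLF.
sample=$(mktemp)
printf 'default-cache-ttl 28800\r\n# max-cache-ttl 28800\r\n' > "$sample"
echo "only default-cache-ttl set: $(idle_window "$sample") s"
printf 'max-cache-ttl 28800\r\n' >> "$sample"
echo "both lines set:             $(idle_window "$sample") s"
if pinentry_ok "$sample"; then echo "pinentry: ok"; else echo "pinentry: not set or not executable"; fi
rm -f "$sample"
```

Inside WSL, call idle_window and pinentry_ok with ~/.gnupg/gpg-agent.conf to check the real file.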
Now a hack is needed, because the "wsl" command cannot be started from passff-host; the direct full path has to be used instead of the wsl command!
So edit passff.bat in the installed folder:
c:\Users\<user>\AppData\Roaming\passff\passff.bat
Change its content so that it calls Ubuntu 20.04 directly, runs python3 inside it, and starts your internal passff.py, which sees the internal pass.
Content of c:\Users\<user>\AppData\Roaming\passff\passff.bat (Firefox passFF variant):
@ECHO OFF
"C:\Users\<user>\AppData\Local\Microsoft\WindowsApps\ubuntu2004.exe" run "/usr/bin/python3" "/home/<user>/.mozilla/native-messaging-hosts/passff.py" %*
Finally:
Install the PassFF extension for your Firefox.
Test it!
DONE!