Using pass on NixOS
On NixOS, you may find that pass, the standard unix password
manager fails with a cryptic error
when it tries to decrypt passwords:
$ pass show foo
gpg: decryption failed: No secret keyThe problem is actually that pass cannot figure out how to ask you
for the master password.
One workaround is to use gpg to manually decrypt the password:
$ nix-shell -p gnupg --run 'gpg --decrypt --pinentry-mode=loopback < ~/.password-store/foo.gpg'But this sucks. A better solution is to install pinentry-curses (put it in
your systemPackages in your NixOS configuration), and then modify
$HOME/.gnupg/gpg-agent.conf (or where your $GNUPGHOME says your config file
lives) to contain the following:
pinentry-program /run/current-system/sw/bin/pinentry-cursesYou may need to reload the running gpg-agent to make it pick up the
change:
$ gpgconf --reload gpg-agent