From 28aeadf005dc77aea112469b189ac8bae80cbafe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= <anarcat@debian.org>
Date: Wed, 14 Feb 2024 14:48:40 -0500
Subject: [PATCH] mention that passwords can be recovered with plain gpg

---
 service/password-manager.md | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/service/password-manager.md b/service/password-manager.md
index b9fedcaf..c7cfeaab 100644
--- a/service/password-manager.md
+++ b/service/password-manager.md
@@ -117,6 +117,15 @@ TODO: document a step-by-step procedure to recreate a minimal git
 server or exchange updates to the store. Or Syncthing or Nextcloud
 maybe?
 
+If the `pass` command somehow fails to find passwords, you *should* be
+able to decrypt the passwords with GnuPG directly. Assuming you are in
+the password store (e.g. `~/.password-store/tor`), this should work:
+
+    gpg -d < luks/servername
+
+If that fails, it should tell you which key the file is encrypted
+to. You need to find a copy of that private key, somehow.
+
 # Reference
 
 <!-- this section is a more in-depth review of how this service works, -->
-- 
GitLab