-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathexample_pkpassrc
96 lines (80 loc) · 4.25 KB
/
example_pkpassrc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
# I was not positive how exactly to group these arguments, the name groups make sense
# to me at the time of writing this.
###################################################################################
# Data Stores #
###################################################################################
# cabundle is used to validate certificates
cabundle: ~/path/to/cabundle
# certpath and keypath together make up the recipients database
certpath: ~/path/to/certificates
keypath: ~/path/to/keys
# pwstore is which the passwords will be saved
pwstore: ~/passdb/passwords/base
###################################################################################
# System Resources #
###################################################################################
# card_slot is the pkcs library card to be used, if not specified it will be 0
# card_slot: 0
# identity is the active user of pkpass, defaults to system username
identity: ${put_your_cert_name_here}
# time is use in the clipboard functionality to decide how long to keep a password in the
# clipboard
time: 30
###################################################################################
# Password Modifications #
###################################################################################
# Escrow is a feature that allows someone to shard shares of passwords to a group of individuals
# none of these shards by themselves will reveal the password, however, enough parts of the shards
# together allow for recovery of said password.
# escrow_users are the group of users that you shard passwords to
# min_escrow is the minimum number of escrow_users needed to recover the password
# escrow_users: bob, alice, jim
# min_escrow: 2
# Pkpass supports the ability to generate passwords based on a user-defined regular expression
# rules_map is used in pkpass's generation functionality, if you ask for a generated password
# it will by default look at 'default'; if you define in your rc file a value for 'rules'
# the new default will be that key
# rules_map:
# default: "[^\\s]{20}"
# different_pattern: "([a-z]|[A-Z]|[0-9]){15}"
# rules: different_pattern
###################################################################################
# Custom PkPass functionality #
###################################################################################
# You can custom define groups in this file as well, is this example mitm
# consists of users bob, alice, eve, chuck and you could distribute a password
# to this group with `pkpass.py distribute -g mitm`
# mitm: bob, alice, eve, chuck
# pkpass supports allowing plugins to connect out to external services for certificates
# connect defines an arbitrary dictionary that will be used for a given connector
# The root name will need to match the installed python module The names of the keys
# under 'ExampleConnector' should match what the connector library is expecting
# there are not global defined keys to use. Consult the library you are importing for what the keys should be
# base directory tells it where to store the certs locally
# connect:
# base_directory: /path/to/local/certs
# ExampleConnector:
# url_arg: "https://example.com"
# id_arg: "567"
# key_arg: "super_secret_key"
# arbitrary_list_arg:
# - "26994"
# or an empty map
# NoReqConnector: {}
###################################################################################
# Theming #
###################################################################################
# pkpass supports colorful output you can turn this off by setting the following to
# false instead
color: true
# pkpass also supports the user changing the colors that will appear by providing a
# color map using 256 colors
# theme_map:
# you can pass in the numerical representation
# info: "1"
# if you pass a wrong value, it will go with the default color
# first_level: "257"
# you can pass a hex value
# second_level: "#0000FF"
# or you could pass the color name
# warning: "yellow"