In our last episode, we used the age-plugin-tkey age plugin with the passage tool to encrypt a local password store without gpg.
This time, we'll discuss an easier way to install the plugin (on Arch linux, anyway), and try to use it with the passff extension to load passwords into firefox automagically.
Installing the plugin with a PKGBUILD
We do still need to manually set up user id mappings for podman. I don't know a way to do this from the PKGBUILD, so I won't be submitting this to the AUR. Additional info in the Wiki. You should have a mapping for the user that builds the package, along with root.
$ cat /etc/subuid
root:100000:65536
cinnaboot:200000:65536
$ cat /etc/subgid
root:100000:65536
cinnaboot:200000:65536
Next, let's clone the PKGBUILD repo, and build/install the package.
$ git clone https://bxxa.cc/gitea/cinnaboot/age-plugin-tkey-archlinux
$ makepkg -si
Now you should have the age-plugin-tkey package installed, and the binary in your $PATH at /usr/bin/age-plugin-tkey. Now if you need to remove plugin, you can do so normally with the package manager. Check that it shows up as a foreign package.
$ pacman -Qm
age-plugin-tkey e524299-1
Set up the password store
Refer to the previous article to set up your keys, and install the passage tool. In particular, make sure to have a backup key either password protected, or offline.
Install the browser extension
There are Arch packages in extra for the extension, and the native messaging host we need, but I want to edit the configuration, so we'll install the extension from the browser, and the host application manually.
Download the extension in browser: Link
NOTE: should probably update to use the install script, and download via a release
Clone the native message host repo, and copy the files to the proper locations.
$ git clone https://github.com/passff/passff-host
$ mkdir ~/.mozilla/native-messaging-hosts/
$ cp passff-host/src/passff.* ~/.mozilla/native-messaging-hosts/
Now we need to edit the config file to point to the install location:
"path": "~/.mozilla/native-messaging-hosts/passff.py",
And, update the passff.py to use passage:
COMMAND = "passage"
Restart firefox, and you should be able to connect to the native app with the plugin UI.
And I've just crashed my whole x session...
Not working out of the box, need to debug further: