Vault gets wiped on startup when using pass
beauby opened this issue · comments
Using pass
on Linux, the vault gets wiped when starting proton-bridge (bridge -c
) if the gpg key is not unlocked (the key has a passphrase):
WARN[Mar 28 17:05:26.856] Failed to get test credentials from keychain error="exit status 2: gpg: public key decryption failed: No such file or directory\ngpg: decryption failed: No such file or directory\n" helper="*pass.Pass"
WARN[Mar 28 17:05:26.948] Failed to load existing vault, vault has been reset error="failed to decrypt vault: cipher: message authentication failed"
WARN[Mar 28 17:05:26.953] The vault is corrupt and has been wiped
Expected Behavior
Gracefully fail, or prompt to unlock.
Current Behavior
Wipe out the vault.
Possible Solution
Steps to Reproduce
- Set up
pass
with passphrase-protected gpg key - Run
bridge -c
Version Information
3.10.0
Context (Environment)
Detailed Description
Possible Implementation
A big +1 on this issue. It has happened a few times that I either dismissed the GPG password dialog box or waited too long to fill it in (apparently there is a timeout).
What happens then is that I lose everything and need to set up bridge all over again: settings, accounts, client-side passwords, followed by the long and costly re-download of my whole mailbox.
I would be very happy if this were fixed!
I use thefollowing sequence on Debian:
pass xxx
This will ask for the passphrase and give the key. It opens the database. The database seems to stay open for a limited time.
Thereafter I can start bridge without a problem.
protonmail-bridge --cli
j.
This is a big problem, since whenever the vault gets wiped, I have to do this:
- Check the CLI for a new password
- Edit the password in
pass
with the new password, for IMAP - Do the same for SMTP
- Export the new
cert.pem
key - Move the key to the location where my mail agent (isync/mbsync) is configured to find it
- Wait for a large sync operation to sync all my mail over again
- Trash my whole maildir folder, since the UID validity has now changed, and
mbsync
won't sync any more - Recreate the maildir