> Saw that -- awesome. I rolled something similar where gitcrypt.salt and gitcrypt.pass were stored in a gpg-encrypted file. After cloning, you decrypt once with gpg, then un-smudge all the encrypted files. No more gpg after that.
That's essentially how the GPG feature works.
git-crypt doesn't use anything called "gitcrypt.salt" or "gitcrypt.pass" though - you might be confusing git-crypt with another project. (I may very well end up renaming git-crypt - it's a way too generic name.)
Cool. I think that's the way to go. If you needed GPG for things beyond the initial checkout, automated git deploys (among other things) would be out of the question.
You might be confusing git-crypt with another project.
This is just a shell script (no compiled code), started about a year before your git-crypt, but interestingly the design is very similar. Both of you are using smudge and clean filters with AES 256.
That's essentially how the GPG feature works.
git-crypt doesn't use anything called "gitcrypt.salt" or "gitcrypt.pass" though - you might be confusing git-crypt with another project. (I may very well end up renaming git-crypt - it's a way too generic name.)