The pass program is a command line utility to store passwords plus free form extra data in small files encrypted with gpg. It provides a grep sub-command in particular to find passwords by the extra data.
But this grep sub-command is painfully slow on my machine. I have nearly 200 passwords stored and internally each file is decrypted with
gpg like so (without the time in front, of course):
% time gpg -d --quiet --yes --compress-algo=none --no-encrypt-to stackoverflow.gpg
the password output
user=0,000 sys=0,006 wall=0,382 (1,61)gpg-agent is running and I have this version:
> gpg (GnuPG) 2.2.27
Two suspicions why this is slow:
1. Startup of gpg and communication with gpg-agent is slow, supported by the fact that user+sys times are small in comparison.
2. gpg-agent is slow, supported by the fact that after a pass grep run its cumulative CPU time is increased by 60 seconds, nicely matching the total time of the complete run.
Together, both point to gpg-agent, though I have no idea why the agent should be so slow. With ps I see it running as
/bin/gpg-agent --sh --daemonstrace to the agent, I find this:
20200 14:57:03.701648 getrusage(RUSAGE_SELF, {ru_utime={tv_sec=133, tv_usec=890780}, ru_stime={tv_sec=0, tv_usec=99975}, ...}) = 0
20200 14:57:03.701666 clock_gettime(CLOCK_PROCESS_CPUTIME_ID, {tv_sec=133, tv_nsec=990762100}) = 0
20200 14:57:04.063523 getpid() = 18035clock_gettime and the getpid call.
And with ltrace:
20472 15:04:55.035574 strlen("my-password-here") = 10
20472 15:04:55.035641 gcry_kdf_derive(0x7d884b82c008, 10, 19, 2) = 0
20472 15:04:55.394727 gcry_cipher_setkey(0x7d884b82cbc0, 0x7d884b82c030, 16, 0x7d884b83c000) = 0gcry_kdf_derive takes 360ms. Whatever it does, can I get it to cache its result for a few seconds with some config setting. (... goes fetching the source code).
Asked by Harald
(1030 rep)
Jun 13, 2024, 10:44 AM
Last activity: Jun 14, 2024, 07:11 AM
Last activity: Jun 14, 2024, 07:11 AM