Password management in the terminal done right.
2017-07-16
Update: Some time ago I wrote a little more detailed intro to pass
on the
tilde.institute wiki
I spend most of my time in front a computer in the terminal ... I'm used to it, and I like it a lot. There's nothing (well, almost nothing) a terminal app or a combination of apps can't do (way better some times that its graphical counterparts).
One of those apps that's particularly useful is pass. A password manager for the terminal.
Is quite simple. It creates a hierarchy of folders and files in
$PASSWORD_STORE_DIR
(~/.password-store
by default) and encrypts them with
your GPG key.
It can copy the recovered passwords to the clipboard, has bash
and
zsh
completion. Can generate random passwords for you and more ...
You can also create multi-line stores with extra information, but just
the first line will be copied to the clipboard when you use -c
.
They have a great web page explaining all that, and a really good man page, so there's no excuse to have ugly methods for managing your passwords ... or no methods at all !
The things I use the most:
pass -c site/foo.com/username
This one gets the password for username@foo.com
and puts it on your
clipboard.
pass generate -c email/me@foo.com
This one generates a random password, stores it on email/me@foo.com
and copies it to the clipboard. Pretty useful when you're singing in to
a new service.
pass edit foo/bar/baz
This one edits one of your entries. Mind that generate won't ask for password, as you're encrypting to your GPG public key, but edit or show will. It's a good idea to have GPG agent setup, so you can control how/when passwords are requested.