This guide is focused on MacOS but it should work equally well in Linux. Just replace the brew command with your distributions package manager.
Start by installing GPG
# brew install gpg # gpg --gen-key # gpg --list-keys /Users/joe/.gnupg/pubring.kbx --------------------------- pub rsa3072 2021-04-04 [SC] [expires: 2023-04-04] ERGF34634ttFERF345DSF65465DRGER47BDBH213 uid [ultimate] Nimpen Jimmy Nordström <email@example.com> sub rsa3072 2021-04-04 [E] [expires: 2023-04-04]
Next step is to install the pass command
# brew install pass # pass init ERGF34634ttFERF345DSF65465DRGER47BDBH213 Password store initialized for ERGF34634ttFERF345DSF65465DRGER47BDBH213
Let’s try it out!
# pass insert testar/test Enter password for testar/test: ********* Retype password for testar/test: *********
The passwords are stored in a directory structure as GPG encrypted files inside your home directory ~/.password-store/
You can run ls ~/.password-store/ or use the built in command to view your files.
# pass Password Store `-- testar `-- test
To view a password, simply run the command with the path:
# pass testar/test abc123
To generate a secure 30 char password:
# pass generate testar/test2 30 The generated password for testar/test2 is: arEY,C+u^eTDRb-l+1m}[lKSi')Yfi
i’ve had som troubles with the gpg-agent not asking for a password, to remedy this please kill the gpg-agent process.
# kill -9 $(pgrep gpg-agent)
Use git for version control
# pass git init # pass git commit
To use a remote repository
# pass git remote add origin firstname.lastname@example.org:joe/pass-store.git # pass git push
Moving gpg-key to another server
local# gpg --output pass.gpg --export-secret-keys ERGF34634ttFERF345DSF65465DRGER47BDBH213
remote# gpg --import pass.gpg