The Standard Unix Password Manager

A password manager inspired by the Unix philosophy. It has a command-line interface, and uses GnuPG for encryption and decryption of stored passwords

This guide is focused on MacOS but it should work equally well in Linux. Just replace the brew command with your distributions package manager.

Start by installing GPG

# brew install gpg
# gpg --gen-key
# gpg --list-keys

	/Users/joe/.gnupg/pubring.kbx
	---------------------------
	pub   rsa3072 2021-04-04 [SC] [expires: 2023-04-04]
	      ERGF34634ttFERF345DSF65465DRGER47BDBH213
	uid           [ultimate] Nimpen Jimmy Nordström <j@asbra.nu>
	sub   rsa3072 2021-04-04 [E] [expires: 2023-04-04]

Next step is to install the pass command

# brew install pass
# pass init ERGF34634ttFERF345DSF65465DRGER47BDBH213

	Password store initialized for ERGF34634ttFERF345DSF65465DRGER47BDBH213

Let’s try it out!

# pass insert testar/test

	Enter password for testar/test: *********
	Retype password for testar/test: *********

The passwords are stored in a directory structure as GPG encrypted files inside your home directory ~/.password-store/

You can run ls ~/.password-store/ or use the built in command to view your files.

# pass

	Password Store
	`-- testar
	    `-- test

To view a password, simply run the command with the path:

# pass testar/test

	abc123

To generate a secure 30 char password:

# pass generate testar/test2 30

	The generated password for testar/test2 is:
	arEY,C+u^eTDRb-l+1m}[lKSi')Yfi

Troubleshooting

i’ve had som troubles with the gpg-agent not asking for a password, to remedy this please kill the gpg-agent process.

# kill -9 $(pgrep gpg-agent)

Bonus tracks

Use git for version control

# pass git init
# pass git commit

To use a remote repository

# pass git remote add origin git@github.com:joe/pass-store.git
# pass git push

Moving gpg-key to another server

local# gpg --output pass.gpg --export-secret-keys ERGF34634ttFERF345DSF65465DRGER47BDBH213
remote# gpg --import pass.gpg