---
layout: page
category-page: intermediate
category-title: Intermediate commands
tags: password dashlane keypass manager gpg encrypt sync
author: Claudio Maggioni
title: pass
---
<p>
The <code>pass</code> command, also known as <em>Password Store</em>, is an
entirely offline password manager that uses <em>GPG</em> for encryption, with
the ability to sync the (entirely encrypted) passwords using <code>git</code>.
<code>pass</code> works on <em>macOS</em> (available via
<a href="https://brew.sh">Homebrew</a>), <em>Linux</em> and on
<em>Android</em> (with a GUI app). Think of it as an entirely FLOSS
alternative to services like <em>Keypass</em> or <em>Dashlane</em>.
</p>

<p>
Excluding the initial setup (which requires the creation of a <em>GPG key</em>),
<code>pass</code> is very easy and straightforward to use: instead of
printing passwords to <em>stdout</em>, <code>pass</code> can copy them to the
system clipboard (with the <code>-c</code> flag), clearing the clipboard after
a certain number of seconds (usually <em>45</em>).
</p>

<p>
<code>pass</code> has many unofficial GUI clients and migration scripts from
other password managers. For more information, check out
<a href="https://www.passwordstore.org/#other">the official website</a>.
</p>

<h3>Setup</h3>

<p>
An accurate walkthrough of the setup of <code>pass</code>, along with
some other useful sets of commands (such as how to migrate the password
repository to another computer), is provided
in this <a href="https://gist.github.com/flbuddymooreiv/a4f24da7e0c3552942ff">GitHub Gist</a>
by <a href="https://github.com/flbuddymooreiv"><em>flbuddymooreiv</em></a>.
</p>

<p>
For more detailed explanations of the setup process or of any command,
please check out the online version of the
<a href="https://git.zx2c4.com/password-store/about/">man page</a>, which is
surprisingly more readable than most of the man pages for other utilities.
</p>

<h3>Usage</h3>

<p>
Common <code>pass</code> commands are shown below. For more information refer
to the documentation linked above.
</p>

<h4>Initialize the password repository with a GPG key with id "0DEADBEEF"</h4>

<pre>
pass init 0DEADBEEF
</pre>

<h4>Insert a password for <em>example.com</em> with username <em>bob</em> in
the password repository interactively</h4>

<pre>
pass insert example.com/bob
</pre>

<p>
Please note that the password <em>name</em> here follows the most common
naming convention in <code>pass</code>, which is
<code>{website}/{username}</code>. Passwords can be stored in
hierarchical structures (i.e. in nested folders), but the naming is up to the
user.
</p>

<h4>Generate a 16-character password for <em>zombo.com</em> and copy it to
the clipboard</h4>

<pre>
pass generate -c zombo.com/bob 16
</pre>

<h4>Retrieve the password for <em>google.com</em> and copy it to the system
clipboard (<code>-c</code> flag)</h4>

<pre>
pass -c google.com/bob@gmail.com
</pre>

<h4>Edit the password for <em>facebook.com</em> using the default editor</h4>

<pre>
pass edit facebook.com/bob
</pre>

<h4>Convert the password repository to a git repository for synchronization</h4>

<pre>
pass git init
</pre>

<p>
Every <code>git</code> command on the password repository must be given with
the prefix <code>pass git</code> (e.g. <code>pass git push</code>). An
automatic commit is performed whenever a password is created, edited or
deleted.
</p>
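
<p>
Only the contents of each entry are encrypted: with the
<code>{website}/{username}</code> naming convention, entry names are plain file
paths that anyone with read access to the synced repository can list. The shell
functions below are an added example, not part of the original page or of
<code>pass</code> itself. They assume the standard store layout (entries as
<code>&lt;name&gt;.gpg</code> files plus a <code>.gpg-id</code> file); the
function names are hypothetical and the sample store is constructed.
</p>

```shell
#!/bin/sh
# Added example: what a pass store reveals to anyone who can read the synced
# repository, with no GPG key. Assumes pass's standard layout:
# <store>/<name>.gpg entries plus .gpg-id (and .gitattributes after git init).

# One "site<TAB>user" line per entry, taken from file paths only.
store_metadata() {
    ( cd "$1" && find . -name .git -prune -o -type f -name '*.gpg' -print ) |
        sed -e 's|^\./||' -e 's|\.gpg$||' |
        awk '{ i = match($0, "/[^/]*$")
               print (i ? substr($0, 1, i - 1) "\t" substr($0, i + 1) : $0 "\t-") }' |
        sort
}

# Files that are neither encrypted entries nor pass/git bookkeeping.
store_plaintext() {
    ( cd "$1" && find . -name .git -prune -o -type f ! -name '*.gpg' \
        ! -name .gpg-id ! -name .gitattributes -print ) | sed 's|^\./||' | sort
}

# Succeeds only if the store directory grants nothing to group or others.
store_private() {
    mode=$(stat -c %a "$1" 2>/dev/null || stat -f %Lp "$1")
    case $mode in *00) return 0 ;; *) return 1 ;; esac
}

# Constructed sample store (empty placeholder files, no real secrets).
make_demo_store() {
    d=$(mktemp -d) && chmod 700 "$d" &&
    mkdir -p "$d/example.com" "$d/google.com" "$d/.git" &&
    : > "$d/.gpg-id" && : > "$d/.git/HEAD" &&
    : > "$d/example.com/bob.gpg" && : > "$d/google.com/bob@gmail.com.gpg" &&
    : > "$d/google.com/recovery-codes.txt" && echo "$d"
}

demo=$(make_demo_store)
echo "Visible without decryption:"; store_metadata "$demo"
echo "Not encrypted:";              store_plaintext "$demo"
store_private "$demo" && echo "Store directory mode is private"
rm -rf "$demo"
```

<p>
To audit a real store, pass its path (by default <code>~/.password-store</code>)
to the three functions instead of the demo directory.
</p>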