all repos — pa @ d5f52613406d3904b4c00024d715b96eb37c3666

my personal password manager

README.md

 1
 2
 3
 4
 5
 6
 7
 8
 9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
# password ass (pa)

A simple password manager using [age](https://github.com/FiloSottile/age) written in POSIX `sh`. Based on [pash](https://github.com/dylanaraps/pash) by [dylanaraps](https://github.com/dylanaraps).

- Automatically generates an `age` key if one is not detected.
- Written in safe and [shellcheck](https://www.shellcheck.net/) compliant POSIX `sh`.
- Only `120~` LOC (*minus blank lines and comments*).
- Configurable password generation using `/dev/urandom`.
- Guards against `set -x`, `ps` and `/proc` leakage.
- Easily extendible through the shell.
- Ability to edit passwords using `$EDITOR`

## Table of Contents

<!-- vim-markdown-toc GFM -->

* [Dependencies](#dependencies)
* [Usage](#usage)
* [FAQ](#faq)
    * [Where are passwords stored?](#where-are-passwords-stored)
    * [How do I rename an entry?](#how-do-i-rename-an-entry)
    * [How can I extend pa?](#how-can-i-extend-pa)

<!-- vim-markdown-toc -->

## Dependencies

- `age`

## Usage

Examples: `pa add web/gmail`, `pa list`, `pa del facebook`, `pa show github`, `pa edit sourcehut`.

```
USAGE

pa 0.1.0 - age-based password manager
=> [a]dd  [name] - Create a new password, randomly generated
=> [d]el  [name] - Delete a password entry.
=> [e]dit [name] - Edit a password entry with vim.
=> [l]ist        - List all entries.
=> [r]otate      - Generate a new age key, re-encrypt all passwords.
=> [s]how [name] - Show password for an entry.
Password length:   export PA_LENGTH=50
Password pattern:  export PA_PATTERN=_A-Z-a-z-0-9
Store location:    export PA_DIR=~/.local/share/pa
```

## FAQ

### How does this differ from `pass` or etc?

I was looking for a shell-based password manager that used age. Actually, see my blog post if you're really that curious:

https://j3s.sh/thoughts/storing-passwords-with-age.txt

### Where are passwords stored?

The passwords are stored in `age` encrypted files located at `${XDG_DATA_HOME:=$HOME/.local/share}/pa}`.

### How do I change the password store location?

Set the environment variable `PA_DIR` to a directory.

```sh
# Default: '~/.local/share/pa'.
export PA_DIR=~/.local/share/pa

# This can also be used as a one-off.
PA_DIR=/mnt/drive/pa pa list
```

### How do I rename an entry?

It's a file! Standard UNIX utilities can be used here.



### How can I extend `pa`?

A shell function can be used to add new commands and functionality to `pa`. The following example adds `pa git` to execute `git` commands on the password store.

```sh
pa() {
    case $1 in
        g*)
            cd "${PA_DIR:=${XDG_DATA_HOME:=$HOME/.local/share}/pa}"
            shift
            git "$@"
        ;;

        *)
            command pa "$@"
        ;;
    esac
}
```