Pass – A Simple command-line Password Manager for Linux
Keep tracking the password is one of the big challenge to everyone now a days since we has multiple password like email, bank, social media, online portal, and ftp, etc.,.
Password managers are become very famous due to the demand and usage. In Linux so many alternatives are available, GUI based and CLI based. Today we are going to discuss about CLI based password manager called pass.
pass is a simple command line password manager for Linux which stores password inside of a
gpg encrypted file. These encrypted files are organized in well folder hierarchies.
All passwords live in
~/.password-store, and it provides simple commands for adding, editing, generating, and retrieving passwords.
It is a very short and simple shell script. It’s capable of temporarily putting passwords on your clipboard and tracking password changes using git.
This is a small shell script which use few default tools like gnupg, tree and git, there are active community offering GUI & extensions for pass.
How to Install Pass in Linux
Pass is available in the repositories of most major distributions. So, use your distribution package manager to get installed.
$ sudo apt-get install pass
For RHEL/CentOS based systems, use yum package manager to install pass.
$ sudo yum install pass
For Fedora system, use dnf package manager to install pass.
$ sudo dnf install pass
For openSUSE system, use zypper package manager to install pass.
$ sudo zypper in password-store
For Arch Linux based systems, use pacman package manager to install pass.
$ pacman -S pass
How to generate GPG key pair
Make sure you have your own GPG key pair. If no, create a GPG key pair by running following command on terminal and follow the instructions.
$ gpg --gen-key
The above command will ask a series of questions to create a GPG key pair, so input the required details carefully and few question you can leave default answer which is enough.
Initiate the password store
If you got a GPG key pair then initialize the local password store by running the following command, you can pass either
email-id or gpg-id.
$ pass init firstname.lastname@example.org mkdir: created directory '/home/magi/.password-store/' Password store initialized for email@example.com
The above command will create a password store under
pass command is offering simple syntax to manage password. Let’s see one by one like adding, editing, generating, and retrieving passwords.
Check the hierarchical tree by firing below command.
$ pass or $ pass ls or $ pass show Password Store
I didn’t see any tree hierarchical, so we will create our own based on our requirement.
Insert a new password info
We are going to save gmail id and its password by running below command.
$ pass insert eMailfirstname.lastname@example.org mkdir: created directory '/home/magi/.password-store/eMail' Enter password for eMailemail@example.com: Retype password for eMailfirstname.lastname@example.org:
Do the same until you insert all your entries. Saving Facebook credential.
$ pass insert Social/Facebook_2daygeek mkdir: created directory '/home/magi/.password-store/Social' Enter password for Social/Facebook_2daygeek: Retype password for Social/Facebook_2daygeek:
We can list all the existing passwords in the store.
$ pass show Password Store ├── 2g ├── Bank ├── eMail │ ├── email@example.com │ └── firstname.lastname@example.org ├── eMail ├── Social │ ├── Facebook_2daygeek │ └── Gplus_2daygeek ├── Social └── Sudha └── email@example.com
Show existing password
$ pass eMailfirstname.lastname@example.org *******
Copy the password in clipboard
To copy the password directly onto the clipboard temporarily instead of printing on terminal, use the following command which is more secure method and it will clear the password automatically after 45 seconds.
$ pass -c eMailemail@example.com Copied eMailfirstname.lastname@example.org to clipboard. Will clear in 45 seconds.
Generate a new password
If you want to generate hard and guess password instead of odd one, it will do by using the pwgen utility internally.
$ pass generate eMailemail@example.com 15 An entry already exists for eMailfirstname.lastname@example.org. Overwrite it? [y/N] y The generated password for eMailemail@example.com is: y!NZ<%T)5Iwym_S
To generate password without symbols.
$ pass generate eMailfirstname.lastname@example.org 15 -n An entry already exists for eMailemail@example.com. Overwrite it? [y/N] y The generated password for eMailfirstname.lastname@example.org is: TP9ACLyzUZUwBwO
Edit existing password
Insert a new password or edit an existing password using editor. When you run below command it will open the file
/dev/shm/pass.wUyGth1Hv0rnh/6kOBG-eMailemail@example.com in text editor which contain the password. Just add new password then save and exit.
$ pass edit eMailfirstname.lastname@example.org File: /dev/shm/pass.wUyGth1Hv0rnh/6kOBG-eMailemail@example.com TP9ACLyzUZUwBwO
Remove a Password
To remove existing password. It will remove the entry from
~/.password-store which is contain
$ pass rm eMailfirstname.lastname@example.org Are you sure you would like to delete eMailemail@example.com? [y/N] y removed '/home/magi/.password-store/eMailfirstname.lastname@example.org'
To save detailed info like, URL, username, password, pin, etc,., Use the following format. Make sure you have to add first entry as a password since it used to copy first line as a password when you use clipboard option, and the additional information on subsequent lines.
$ pass insert eMailemail@example.com -m Enter contents of eMailfirstname.lastname@example.org and press Ctrl+D when finished: H3$%hbhYT URL : http://www.2daygeek.com Info : Linux Tips & Tricks Ftp User : 2g