0

I am looking for a simple, open-source password manager for linux with a CLI. It has to have a way of retrieving a password via the command line, so I can use it in several scripts (that sync my email for example).

I came across pass (https://www.passwordstore.org/). It looks very promising and exactly like the program I was looking for, however there is one thing I can't figure out.

Using pass git init and pass git push, I can synchronize the passwords to an external git repository.

However: this is not enough to use the passwords on a different machine, because the gpg keys are not synchronised. How can I synchronize the gpg keys/pass passwords in a safe way?

I found this question: synchronising gnupg and pass but is doesn't really answer my question. It just says "don't put your gpg keys on the web".

Ruben
  • 159
  • 9

1 Answers1

0

In the end, I gave up on trying to make this work and used KeePassXC.

Then, in order to obtain a password from KeePass using the command line, I use:

    gpg2 --use-agent --output - -q  passphrase.gpg | keepassxc-cli show -q -a Password passwords.kdbx the_secret_password_i_am_looking_for

The passphrase.gpg file contains the KeePass password and is encrypted using a symmetric key, meaning that it only needs a passphrase to unlock it.

In my gpg-agent.conf file, I put the following contents:

max-cache-ttl 60480000
default-cache-ttl 60480000
display :0

This effectively remembers the passphrase until the end of the session. I hope it is of use to someone.

Edit: the synchronization part is done by syncing the KeePass database using Dropbox.

Ruben
  • 159
  • 9