LinuxCommandLibrary

bw

Manage Bitwarden password vault

TLDR

Log in to a Bitwarden user account

$ bw login
copy

Log out of a Bitwarden user account
$ bw logout
copy

Search and display items from Bitwarden vault
$ bw list items --search [github]
copy

Display a particular item from Bitwarden vault
$ bw get item [github]
copy

Create a folder in Bitwarden vault
$ [echo -n '{"name":"My Folder1"}' | base64] | bw create folder
copy

SYNOPSIS

bw [options] <command> [<args>]

PARAMETERS

-h, --help
    Display help information

--version
    Show version information

--debug
    Enable debug logging

--verbose
    Verbose logging output

--quiet
    Suppress non-error output

--log-filepath <path>
    Path to log file

--pretty
    Pretty-print JSON output

--raw
    Raw JSON output (single line)

--search <term>
    Filter output by search term

--session <key>
    Resume session with key

--color
    Force colored output

--no-color
    Disable colored output

--table
    Table-formatted output

--config <dir>
    Custom config directory

--data <dir>
    Custom data directory

DESCRIPTION

The bw command provides the official command-line interface for Bitwarden, an open-source password manager used to securely store and access credentials, notes, cards, and identities.

Users start by installing bw via package managers like snap install bw, cargo, or direct binaries from GitHub releases. Authentication occurs with bw login (email and master password) or bw unlock using a session key for repeated access without re-entering credentials.

Core functionality includes generating secure passwords (bw generate), listing/searching vault items (bw list, bw get), editing/creating entries (bw edit, bw create), organizing into folders/collections (bw mkdir), and syncing data (bw sync). Supports self-hosted servers via --server and scripting with JSON output modes.

Global options enable customization like pretty-printing JSON, raw output, table views, color control, and logging. Designed for terminal efficiency and automation, it integrates seamlessly into shell scripts, dotfiles, or CI/CD pipelines while prioritizing security through encrypted sessions.

Actively maintained with regular updates for new Bitwarden features.

CAVEATS

Session keys grant full vault access; store securely and avoid logging. Requires network for cloud sync. Master password prompts are secure but non-interactive scripts need --session. Vault export/decryption irreversible without backups.

QUICK START

bw login user@example.com
bw unlock (enter passphrase)
bw generate --length 20
bw get notes mynote

COMMON SUBCOMMANDS

login, unlock, lock, logout
list items/folders, get password/id
generate, edit, create, rm
sync, status, config server

HISTORY

Released in 2016 by Bitwarden as .NET Core CLI; rewritten in Rust (2022) for better performance/cross-platform support. Evolved with Bitwarden features like TOTP, attachments; v2024.10.0+ supports biometrics/PIN.

SEE ALSO

pass(1), gopass(1), keepassxc-cli(1)

Copied to clipboard