LinuxCommandLibrary

gopass

Manage passwords securely

TLDR

Initialize the configuration settings

$ gopass init
copy

Create a new entry
$ gopass new
copy

Show all stores
$ gopass mounts
copy

Mount a shared Git store
$ gopass mounts add [store_name] [git_repo_url]
copy

Search interactively using a keyword
$ gopass show [keyword]
copy

Search using a keyword
$ gopass find [keyword]
copy

Sync all mounted stores
$ gopass sync
copy

Show a particular password entry
$ gopass [store_name|path/to/directory|email@email.com]
copy

SYNOPSIS

gopass [global-options] <command> [<command-options>] [<arguments>]

PARAMETERS

-h, --help
    Show context-sensitive help

-V, --version
    Print version information

-d, --debug
    Enable debug logging

-v, --verbose
    Increase verbosity (repeatable)

-q, --quiet
    Suppress feedback messages

--color={auto|always|never}
    Force color output mode

--store <name>
    Select specific store

--all-stores
    Operate on all stores

--clip-timeout <seconds>
    Clipboard timeout duration

--safecontent
    Sanitize output for terminals

--no-banner
    Suppress welcome banner

--dir <path>
    Root directory for stores

--git-dir <path>
    Custom git directory

DESCRIPTION

gopass is a lightweight, secure password manager for the command line, fully compatible with the standard Unix password store (pass). It uses GPG for encryption and Git for versioning and synchronization across machines.

Key features include:
• Multi-store support for separating personal/work passwords.
• Password generation with customizable templates.
• OTP (one-time password) and TOTP support.
• Browser integration via extensions.
• Auto-sync and partial mounts for large stores.
• Extensions for mounts, JSON handling, and more.

gopass stores passwords in plain text files encrypted individually with recipients' GPG keys. Paths serve as hierarchical organization (e.g., web/github.com/username). It's written in Go for speed, portability (Linux, macOS, Windows), and easy installation via binaries or package managers.

Ideal for users preferring CLI over GUIs, with seamless Git workflow for backups and sharing.

CAVEATS

Requires GPG2 and Git. Passwords temporarily unencrypted in memory. No built-in key management; use gpg(1). Large stores may need partial mounts.

COMMON SUBCOMMANDS

init: Initialize new store
generate: Generate & insert password
insert: Insert or edit password
show: Decrypt & display password
ls: List paths
rm: Delete entry
git: Git operations
sync: Sync all stores

GETTING STARTED

1. gopass init <gpg-id>
2. gopass generate email/provider.com/user
3. gopass show path retrieves securely.

HISTORY

Rewritten in Go by Justus Winter and Philipp Schindler in 2017 as a faster, extensible alternative to pass(1). Active development with v1.14+ supporting mounts and extensions. Widely used in Unix ecosystems.

SEE ALSO

pass(1), gpg(1), git(1)

Copied to clipboard