LinuxCommandLibrary

pass

Manage passwords securely from the command line

TLDR

Initialize (or re-encrypt) the storage using one or more GPG IDs

$ pass init [gpg_id_1] [gpg_id_2]
copy

Save a new password and additional information (press on a new line to complete)
$ pass insert [[-m|--multiline]] [path/to/data]
copy

Edit an entry
$ pass edit [path/to/data]
copy

Copy a password (first line of the data file) to the clipboard
$ pass [[-c|--clip]] [path/to/data]
copy

List the whole store tree
$ pass
copy

Generate a new random password with a given length, and copy it to the clipboard
$ pass generate [[-c|--clip]] [path/to/data] [num]
copy

Initialize a new Git repository (any changes done by pass will be committed automatically)
$ pass git init
copy

Run a Git command on behalf of the password storage
$ pass git [command]
copy

SYNOPSIS

pass [options] command [command-options]

PARAMETERS

-h, --help
    Display help message and exit.

-v, --version
    Display version information and exit.

init
    Initialize the password store using the specified GPG ID.

insert [-m]
    Insert a new password at the given path. '-m' means allow multiline password.

edit
    Edit the password at the given path.

show
    Show the password at the given path.

find
    Find passwords matching the given string.

generate [-c] [-n ] [-l ]
    Generate a new password at the given path. '-c' adds special characters. '-n' specifies number of passwords to generate. '-l' specifies password length.

rm [-r]
    Remove the password at the given path. '-r' recursively removes directory.

cp
    Copy password from to .

mv
    Move password from to .

ls [path]
    List the passwords in the given path (or the root if no path is specified).

grep
    Grep all password contents for given string.

DESCRIPTION

pass is a lightweight and straightforward password manager for the command line. It stores passwords in GnuPG-encrypted files, organized into a directory tree. Each password file is a standard text file containing the password and optionally, additional information such as notes or usernames. pass uses GPG for encryption and decryption and git for version control, allowing for easy synchronization of your password store across multiple machines. It's designed to be minimalist and extensible, with a focus on simplicity and security.

Unlike more complex password managers with graphical interfaces, pass focuses on a pure command-line experience, appealing to users comfortable with the terminal. This approach allows for integration with other command-line tools and scripting, expanding its flexibility.

CAVEATS

pass relies heavily on the security of GPG and git. Ensure your GPG key is properly secured and your git repository is protected.

CONFIGURATION

pass uses `~/.password-store` directory by default. You can change the location by setting `PASSWORD_STORE_DIR` environment variable.

EXTENSIBILITY

pass is designed to be extensible with shell scripts. This allows you to add custom functionality, such as integrating with web browsers or other applications.

HISTORY

pass was created to provide a simple and secure command-line password management solution.
It gained popularity among developers and system administrators who prefer a minimalist approach. Its reliance on standard tools like GPG and Git makes it easy to integrate into existing workflows.

SEE ALSO

gpg(1), git(1)

Copied to clipboard