The authentication with passwords has been quite wide spread these days. This safety measure might be quite good for the security matter, but, eventually, consumers appear in a big need of password management method – a tool, a program or a clever technique – in order to save the used passwords during all of the processes. Such products are available all around the web and they can be found in both mood types – offline and online. These software and tool suggestions distinguish by their interface, design and target conduction (either for corporative, or for individual clients). Thus, for instance, you can find several GUI-based password managing tools for an individual client and one of the most popular among them is the KeePass. However, people, who are not keen in GUI at all, there is another method you can use and we are about to disclose you all of the details you need to know about it. This management password approach is based on command lines in Ubuntu and it offers you a superb utility – based on easy commands – for your password tracking process.
Let’s begin with some useful information. Know that pass utility is, by the way, a shell script fronted that gets and applies many other different tools like gpg, xsel, pwgen etc in order to eventually deal with your passwords. The OpenPGP, as a matter of fact, plays a key role in this process. In other words, every single password has moved through an encryption process with the special gpg utility and then it has been saved at a special store for passwords. Thus, the information of any password is possible to be given back through these methods: auto-cleaning clipboard interface or terminal. Moreover – the pass utility we were talking about is known to be very customer-friendly, easy and flexible. It allows you to store all of the passwords directly in OpenPGP, which is a very nicely secured file with plain text. Moreover – you can even classify the different passwords and putting them into different group categories. The bash auto completion is also supported and in general, you are simplified to use TAB keys in order to fill in commands or to remember long passwords.
How to install the pass on Linux
howopensource@esprimo:~$ sudo apt-get install pass The following extra packages will be installed: gnupg-agent gnupg2 libksba8 libpth20 pinentry-gtk2 pwgen tree xclip
For Fedora and CentOS use
howopensource@esprimo:~$ sudo yum install pass
How to initialize the store for local password
An initialization is a must before starting using the pass utility. Do not worry, because once you do it, you don’t have to do anything else with time. What you have to make is to create a GPG key pair – public/private keys – (in case you already don’t have such) and to establish your store for local password. To create it, you need to do the following:
howopensource@esprimo:~$ gpg --gen-key
Just like it is mentioned below, you will have to answer several questions. In case you have doubts about some answers, better use the provided defaults suggestions. Then, you will need to settle a passphrase for your security pass, which is a process that is a part of key generation and which requires an access to any password that is saved in your local password store. The ~/.gnupg is the successfully made generated key pair store location. Pay attention to the e-mail that you entered, because later on you will need it.
Then, you have to make the initialization of the local password store. Do it by running the next commands and do not forget to insert your e-mail to conduct it to your GPG created key few minutes ago.
howopensource@esprimo:~$ pass init email@example.com mkdir: created directory ‘/home/howopensource/.password-store/’ Password store initialized for firstname.lastname@example.org howopensource@esprimo:~$
If you want to see different options just type pass –help.
howopensource@esprimo:~$ pass --help
How to put new password
To put new password into the store for local password, you need this format. With
howopensource@esprimo:~$ pass insert howopensource/mysql Enter password for howopensource/mysql: Retype password for howopensource/mysql:
To see stored passwords just type command without parameters:
howopensource@esprimo:~$ pass Password Store └── howopensource └── mysql
Pass utility stores everything as a free form plain text. Which means you can store anything in any arbitrary format for different sites – username/password, PIN, access key pairs, login url, etc. Also you can store any other password related metadata such as login url, security questions/answers or even any secrets that you may have.
For that purpose you can also input data as multi-lines by using -m parameter by following the next steps. Select your preferable format and then click Ctrl+D to end up the process.
howopensource@esprimo:~$ pass insert -m finance/my_bank Enter contents of finance/my_bank and press Ctrl+D when finished: login: my login to this bank password: password for this bank login url: http://bank.com/ebank
So basically you can store any data in such way.
How to see the entire list of passwords
To see this list, what you have to do is only to type the command without parameters pass.
howopensource@esprimo:~$ pass Password Store ├── finance │ └── my_bank ├── howopensource │ ├── mysql │ └── user └── social ├── facebook └── twitter
How to retrieve a password
If you want an access to the content of a certain password list, follow the next commands. To perform this action, type the passphrase, which is the only way to unlock the security key.
howopensource@esprimo:~$ pass howopensource/mysql howopensource_supper_secure_password
You might also use the next command in case you prefer to copy the password and paste it to the clipboard in order to avoid its appearance in the terminal screen. When you copy it for the first time, the password will be cleared – automatically – in less than a minute.
howopensource@esprimo:~$ pass -c howopensource/mysql
Or in case with multilines and my bank account login data.
howopensource@esprimo:~$ pass finance/my_bank login: my login to this bank password: password for this bank login url: http://bank.com/ebank
Generating new password
Here are tip for generation and storing of new passwords in the password store directory. Pass utility allows you a generation of a completely new password, too. You can use the new password for different aims. Be aware that pass utility will use the pwgen utility in order to generate a really safe password. Moreover – you are able to name the number of letters for each password and even to require inputting or not imputing symbols. For instance, if you want to process a 10-charecter password – without using symbols.
howopensource@esprimo:~$ pass generate howopensource/mysql 10 -n
How to remove the password
It is very simple to eliminate the current password info. Follow this:
howopensource@esprimo:~$ pass rm howopensource/mysql
As a conclusion, we must say that there’s no doubt about the flexible and portable nature behind the pass, but what is even greater about it is that it is user-friendly and very helpful. It allows you to find the organization you need without even using the GUI.