A simple password manager using age written in POSIX sh. Based on pash by dylanaraps.
- Automatically generates an
agekey if one is not detected. - Written in safe and shellcheck compliant POSIX
sh. - Only
120~LOC (minus blank lines and comments). - Configurable password generation using
/dev/urandom. - Guards against
set -x,psand/procleakage. - Easily extendible through the shell.
- Ability to edit passwords using
$EDITOR
age
Examples: pa add web/gmail, pa list, pa del facebook, pa show github, pa edit sourcehut.
USAGE
pa 0.1.0 - age-based password manager
=> [a]dd [name] - Create a new password, randomly generated
=> [d]el [name] - Delete a password entry.
=> [e]dit [name] - Edit a password entry with vim.
=> [l]ist - List all entries.
=> [s]how [name] - Show password for an entry.
Password length: export PA_LENGTH=50
Password pattern: export PA_PATTERN=_A-Z-a-z-0-9
Store location: export PA_DIR=~/.local/share/pa
I was looking for a shell-based password manager that used age. Actually, see my blog post if you're really that curious:
https://j3s.sh/thought/storing-passwords-with-age.html
The passwords are stored in age encrypted files located at ${XDG_DATA_HOME:=$HOME/.local/share}/pa}.
Set the environment variable PA_DIR to a directory.
# Default: '~/.local/share/pa'.
export PA_DIR=~/.local/share/pa
# This can also be used as a one-off.
PA_DIR=/mnt/drive/pa pa listIt's a file! Standard UNIX utilities can be used here.
A shell function can be used to add new commands and functionality to pa. The following example adds pa git to execute git commands on the password store.
pa() {
case $1 in
g*)
cd "${PA_DIR:=${XDG_DATA_HOME:=$HOME/.local/share}/pa}"
shift
git "$@"
;;
*)
command pa "$@"
;;
esac
}