A simple password manager using age written in POSIX sh. Based on pash by dylanaraps.
- Automatically generates an
agekey if one is not detected. - Written in safe and shellcheck compliant POSIX
sh. - Only
120~LOC (minus blank lines and comments). - Configurable password generation using
/dev/urandom. - Guards against
set -x,psand/procleakage. - Easily extendible through the shell.
- Ability to edit passwords using
$EDITOR
age
pa
a simple password manager based on age
commands:
[a]dd [name] - Add a password entry.
[d]el [name] - Delete a password entry.
[e]dit [name] - Edit a password entry with nvim.
[l]ist - List all entries.
[s]how [name] - Show password for an entry.
env vars:
Password length: export PA_LENGTH=50
Password pattern: export PA_PATTERN=_A-Z-a-z-0-9
Password/key dir: export PA_DIR=~/.local/share/pa
Examples:
pa add web/gmail
pa list | grep chan
pa del facebook
pa show github
pa edit sourcehut
I was looking for a shell-based password manager that used age. Actually, see my blog post if you're really that curious:
https://j3s.sh/thought/storing-passwords-with-age.html
The passwords are stored in age encrypted files located at ${XDG_DATA_HOME:=$HOME/.local/share}/pa}.
Set the environment variable PA_DIR to a directory.
# Default: '~/.local/share/pa'.
export PA_DIR=~/.local/share/pa
# This can also be used as a one-off.
PA_DIR=/mnt/drive/pa pa listIt's a file! Standard UNIX utilities can be used here.
A shell function can be used to add new commands and functionality to pa. The following example adds pa git to execute git commands on the password store.
pa() {
case $1 in
g*)
cd "${PA_DIR:=${XDG_DATA_HOME:=$HOME/.local/share}/pa/passwords}"
shift
git "$@"
;;
*)
command pa "$@"
;;
esac
}