password manager with age encryption
This project is in development, not ready for serious use. Things might break. That being said, please use it and report any issues.
The release page includes binaries for Linux, mac OS ~and Windows~ (last Release for Windows is
0.5.1) as well as
deb files for Debian / Ubuntu.
With a rust toolchain present, you could do this (which makes sense if you want to contribute):
$ git clone https://github.com/stchris/passage.git # Dependencies for Debian / Ubuntu $ apt install libxcb-render0-dev libxcb-shape0-dev libxcb-xfixes0-dev libdbus-1-dev $ cargo install --path .
passage creates an age-encrypted storage file, whose current default location depends on the OS family, for a given username
Linux: `/home/user/.local/share/passage/entries.toml.age` mac OS: `/Users/user/Library/Application Support/entries.toml.age` Windows: `C:\Users\user\AppData\Roaming\passage\data\entries.toml.age`
You can create this file by running
passage init once. Check the path to the storage folder at any time with
$ passage info Storage folder: /home/chris/.local/share/passage/entries.toml.age
Now let's create a new entry with
$ passage new:
Passphrase: New Entry: email Password for email:
So here we are prompted for three things:
Passphraseis the secret we want to encrypt the password with
New Entryis the name of the entry we want to create
Password for <entry>is the password we want to store
passage list should show one entry (
$ passage show email # the password gets copied to the clipboard
$ passage show --on-screen email # the password is printed to the console
passage is able to call into git-style hooks before or after certain events which affect the password database. A typical use case for hooks is if your password file is stored in version control and you want to automatically push / pull the changes when interacting with
To use hooks you need the respective folder, its path can be seen by running
passage info. By convention you put executable scripts inside there named after the hook you want to react on. These scripts are called and passed the event which triggered the hook as the first argument.
pre_load(called before the password database gets loaded)
post_save(called after an update to the password database)
These commands trigger hooks:
post_savewith event name
pre_loadwith event name
pre_loadwith event name
Example hook scripts can be found here.
passage will try to store the passphrase of your database into the OS keyring. You can run
passage keyring check to see if this works. If you no longer want the password to be stored in the keyring run
passage keyring forget.
$ passage Password manager with age encryption USAGE: passage [FLAGS] <SUBCOMMAND> FLAGS: -h, --help Prints help information -n, --no-keyring Disable the keyring integration -V, --version Prints version information SUBCOMMANDS: help Prints this message or the help of the given subcommand(s) info Display status information init Initialize the password store keyring Keyring related commands list List all known entries new Add a new entry show Decrypt and show an entry