Passpie: manage login credentials from the terminal (opens in new tab)

(marcwebbie.io)

18 pointsaye10y ago8 comments

8 comments

Seems similar to 'pass' (http://www.passwordstore.org) but IMO without pass' killer feature: git integration. pass manages passwords as a directory tree of gpg encrypted files which can be easily synchronized with multiple machines using built-in git integration (not to mention all the other benefits of version control, like undo/redo, history, etc).

troyjfarrell10y ago

Version control is really cool for this sort of information. Unfortunately, pass leaks information in filenames, which is a pretty big problem for some uses. In my opinion, the version control needs to be built into the application to avoid all the potential side channel information leaks.

dkbrk10y ago

I think it's important to point out that whether something like this matters depends entirely on your security model. For example, an attacker learning that I have a gmail account isn't very useful information, so I don't consider it confidential. This is a property of most of my credentials.

The way pass is built on top of gpg encrypted files in git is at the core of its robustness and simplicity. Creating an encrypted, version controlled store from scratch would be a not insignificant engineering effort, though something similar could be accomplished, for example, by putting the password store inside encfs.

If the mere existence of a credential is considered confidential information, a simple measure to bypass this flaw is to give it a meaningless randomly generated name such as "faithful_iceberg".

mataug10y ago

I've been using pass for a while now. It's quite mature and stable. I use it with git and put it through encfs and sync it with dropbox. Works quite well.

I hope this matures enough to compete with `pass`

pcpolice10y ago

Hm, that's what put me off pass. I want to manage my own dotfiles git repository.

asimilator10y ago

The git integration is optional. If you don't turn it on you just have a .password-store directory of gpg encrypted files. I don't see why you couldn't add that to your dot files git repo.

marcwebbie10y ago

I am the author of Passpie and one of my goals with passpie was that it should be as configurable as possible. Pass(http://www.passwordstore.org) is a great and mature cli application and as with any great applications there are alternatives.

History (undo/redo) is planned on passpie, probably using git as well.

Some ideas are: passpie history --list passpie history --undo XYZ passpie history --redo ABC passpie history --backend git --redo 123 passpie history --sync

You may like pass you may like passpie you may like both. :)

rkuska10y ago

For Fedora users:

http://copr-fe.cloud.fedoraproject.org/coprs/rkuska/passpie/

j / k navigate · click thread line to collapse

8 comments

asimilator10y ago

troyjfarrell10y ago

dkbrk10y ago

If the mere existence of a credential is considered confidential information, a simple measure to bypass this flaw is to give it a meaningless randomly generated name such as "faithful_iceberg".

mataug10y ago

I've been using pass for a while now. It's quite mature and stable. I use it with git and put it through encfs and sync it with dropbox. Works quite well.

I hope this matures enough to compete with `pass`

pcpolice10y ago

Hm, that's what put me off pass. I want to manage my own dotfiles git repository.

asimilator10y ago

The git integration is optional. If you don't turn it on you just have a .password-store directory of gpg encrypted files. I don't see why you couldn't add that to your dot files git repo.

marcwebbie10y ago

History (undo/redo) is planned on passpie, probably using git as well.

Some ideas are: passpie history --list passpie history --undo XYZ passpie history --redo ABC passpie history --backend git --redo 123 passpie history --sync

You may like pass you may like passpie you may like both. :)

rkuska10y ago

For Fedora users:

http://copr-fe.cloud.fedoraproject.org/coprs/rkuska/passpie/

j / k navigate · click thread line to collapse