This is the command pass that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
pass - stores, retrieves, generates, and synchronizes passwords securely
SYNOPSIS
pass [ COMMAND ] [ OPTIONS ]... [ ARGS ]...
DESCRIPTION
pass is a very simple password store that keeps passwords inside gpg2(1) encrypted files
inside a simple directory tree residing at ~/.password-store. The pass utility provides a
series of commands for manipulating the password store, allowing the user to add, remove,
edit, synchronize, generate, and manipulate passwords.
If no COMMAND is specified, COMMAND defaults to either show or ls, depending on the type
of specifier in ARGS. Otherwise COMMAND must be one of the valid commands listed below.
Several of the commands below rely on or provide additional functionality if the password
store directory is also a git repository. If the password store directory is a git
repository, all password store modification commands will cause a corresponding git
commit. See the EXTENDED GIT EXAMPLE section for a detailed description using init and
git(1).
The init command must be run before other commands in order to initialize the password
store with the correct gpg key id. Passwords are encrypting using the gpg key set with
init.
There is a corresponding bash completion script for use with tab completing password names
in bash(1).
COMMANDS
init [ --path=sub-folder, -p sub-folder ] gpg-id...
Initialize new password storage and use gpg-id for encryption. Multiple gpg-ids may
be specified, in order to encrypt each password with multiple ids. This command
must be run first before a password store can be used. If the specified gpg-id is
different from the key used in any existing files, these files will be reencrypted
to use the new id. Note that use of gpg-agent(1) is recommended so that the batch
decryption does not require as much user intervention. If --path or -p is
specified, along with an argument, a specific gpg-id or set of gpg-ids is assigned
for that specific sub folder of the password store. If only one gpg-id is given,
and it is an empty string, then the current .gpg-id file for the specified sub-
folder (or root if unspecified) is removed.
ls subfolder
List names of passwords inside the tree at subfolder by using the tree(1) program.
This command is alternatively named list.
grep search-string
Searches inside each decrypted password file for search-string, and displays line
containing matched string along with filename. Uses grep(1) for matching. Make use
of the GREP_OPTIONS environment variable to set particular options.
find pass-names...
List names of passwords inside the tree that match pass-names by using the tree(1)
program. This command is alternatively named search.
show [ --clip, -c ] pass-name
Decrypt and print a password named pass-name. If --clip or -c is specified, do not
print the password but instead copy the first line to the clipboard using xclip(1)
and then restore the clipboard after 45 (or PASSWORD_STORE_CLIP_TIME) seconds.
insert [ --echo, -e | --multiline, -m ] [ --force, -f ] pass-name
Insert a new password into the password store called pass-name. This will read the
new password from standard in. If --echo or -e is not specified, disable keyboard
echo when the password is entered and confirm the password by asking for it twice.
If --multiline or -m is specified, lines will be read until EOF or Ctrl+D is
reached. Otherwise, only a single line from standard in is read. Prompt before
overwriting an existing password, unless --force or -f is specified. This command
is alternatively named add.
edit pass-name
Insert a new password or edit an existing password using the default text editor
specified by the environment variable EDITOR or using editor(1) as a fallback. This
mode makes use of temporary files for editing, but care is taken to ensure that
temporary files are created in /dev/shm in order to avoid writing to difficult-to-
erase disk sectors. If /dev/shm is not accessible, fallback to the ordinary TMPDIR
location, and print a warning.
generate [ --no-symbols, -n ] [ --clip, -c ] [ --in-place, -i | --force, -f ] pass-name
pass-length
Generate a new password using pwgen(1) of length pass-length and insert into pass-
name. If --no-symbols or -n is specified, do not use any non-alphanumeric
characters in the generated password. If --clip or -c is specified, do not print
the password but instead copy it to the clipboard using xclip(1) and then restore
the clipboard after 45 (or PASSWORD_STORE_CLIP_TIME) seconds. Prompt before
overwriting an existing password, unless --force or -f is specified. If --in-place
or -i is specified, do not interactively prompt, and only replace the first line of
the password file with the new generated password, keeping the remainder of the
file intact.
rm [ --recursive, -r ] [ --force, -f ] pass-name
Remove the password named pass-name from the password store. This command is
alternatively named remove or delete. If --recursive or -r is specified, delete
pass-name recursively if it is a directory. If --force or -f is specified, do not
interactively prompt before removal.
mv [ --force, -f ] old-path new-path
Renames the password or directory named old-path to new-path. This command is
alternatively named rename. If --force is specified, silently overwrite new-path if
it exists. If new-path ends in a trailing /, it is always treated as a directory.
Passwords are selectively reencrypted to the corresponding keys of their new
destination.
cp [ --force, -f ] old-path new-path
Copies the password or directory named old-path to new-path. This command is
alternatively named copy. If --force is specified, silently overwrite new-path if
it exists. If new-path ends in a trailing /, it is always treated as a directory.
Passwords are selectively reencrypted to the corresponding keys of their new
destination.
git git-command-args...
If the password store is a git repository, pass git-command-args as arguments to
git(1) using the password store as the git repository. If git-command-args is init,
in addition to initializing the git repository, add the current contents of the
password store to the repository in an initial commit. If the git config key
pass.signcommits is set to true, then all commits will be signed using
user.signingkey or the default git signing key. This config key may be turned on
using: `pass git config --bool --add pass.signcommits true`
help Show usage message.
version
Show version information.
SIMPLE EXAMPLES
Initialize password store
zx2c4@laptop ~ $ pass init [email protected]
mkdir: created directory ‘/home/zx2c4/.password-store’
Password store initialized for [email protected].
List existing passwords in store
zx2c4@laptop ~ $ pass
Password Store
├── Business
│ ├── some-silly-business-site.com
│ └── another-business-site.net
│ ├── donenfeld.com
│ └── zx2c4.com
└── France
├── bank
├── freebox
└── mobilephone
Alternatively, "pass ls".
Find existing passwords in store that match .com
zx2c4@laptop ~ $ pass find .com
Search Terms: .com
├── Business
│ ├── some-silly-business-site.com
├── donenfeld.com
└── zx2c4.com
Alternatively, "pass search .com".
Show existing password
zx2c4@laptop ~ $ pass Email/zx2c4.com
sup3rh4x3rizmynam3
Copy existing password to clipboard
zx2c4@laptop ~ $ pass -c Email/zx2c4.com
Copied Email/[email protected] to clipboard. Will clear in 45 seconds.
Add password to store
zx2c4@laptop ~ $ pass insert Business/cheese-whiz-factory
Enter password for Business/cheese-whiz-factory: omg so much cheese what am i gonna
do
Add multiline password to store
zx2c4@laptop ~ $ pass insert -m Business/cheese-whiz-factory
Enter contents of Business/cheese-whiz-factory and press Ctrl+D when finished:
Hey this is my
awesome
multi
line
passworrrrrrrrd.
^D
Generate new password
zx2c4@laptop ~ $ pass generate Email/jasondonenfeld.com 15
The generated password to Email/jasondonenfeld.com is:
$(-QF&Q=IN2nFBx
Generate new alphanumeric password
zx2c4@laptop ~ $ pass generate -n Email/jasondonenfeld.com 12
The generated password to Email/jasondonenfeld.com is:
YqFsMkBeO6di
Generate new password and copy it to the clipboard
zx2c4@laptop ~ $ pass generate -c Email/jasondonenfeld.com 19
Copied Email/jasondonenfeld.com to clipboard. Will clear in 45 seconds.
Remove password from store
zx2c4@laptop ~ $ pass remove Business/cheese-whiz-factory
rm: remove regular file ‘/home/zx2c4/.password-store/Business/cheese-whiz-
factory.gpg’? y
removed ‘/home/zx2c4/.password-store/Business/cheese-whiz-factory.gpg’
EXTENDED GIT EXAMPLE
Here, we initialize new password store, create a git repository, and then manipulate and
sync passwords. Make note of the arguments to the first call of pass git push; consult
git-push(1) for more information.
zx2c4@laptop ~ $ pass init [email protected]
mkdir: created directory ‘/home/zx2c4/.password-store’
Password store initialized for [email protected].
zx2c4@laptop ~ $ pass git init
Initialized empty Git repository in /home/zx2c4/.password-store/.git/
[master (root-commit) 998c8fd] Added current contents of password store.
1 file changed, 1 insertion(+)
create mode 100644 .gpg-id
zx2c4@laptop ~ $ pass git remote add origin kexec.com:pass-store
zx2c4@laptop ~ $ pass generate Amazon/[email protected] 21
mkdir: created directory ‘/home/zx2c4/.password-store/Amazon’
[master 30fdc1e] Added generated password for Amazon/[email protected] to store.
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 Amazon/[email protected]
The generated password to Amazon/[email protected] is:
<5m,_BrZY`antNDxKN<0A
zx2c4@laptop ~ $ pass git push -u --all
Counting objects: 4, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (4/4), 921 bytes, done.
Total 4 (delta 0), reused 0 (delta 0)
To kexec.com:pass-store
* [new branch] master -> master
Branch master set up to track remote branch master from origin.
zx2c4@laptop ~ $ pass insert Amazon/[email protected]
Enter password for Amazon/[email protected]: som3r3a11yb1gp4ssw0rd!!88**
[master b9b6746] Added given password for Amazon/[email protected] to store.
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 Amazon/[email protected]
zx2c4@laptop ~ $ pass rm Amazon/[email protected]
rm: remove regular file ‘/home/zx2c4/.password-store/Amazon/[email protected]’? y
removed ‘/home/zx2c4/.password-store/Amazon/[email protected]’
rm 'Amazon/[email protected]'
[master 288b379] Removed Amazon/[email protected] from store.
1 file changed, 0 insertions(+), 0 deletions(-)
delete mode 100644 Amazon/[email protected]
zx2c4@laptop ~ $ pass git push
Counting objects: 9, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (5/5), done.
Writing objects: 100% (7/7), 1.25 KiB, done.
Total 7 (delta 0), reused 0 (delta 0)
To kexec.com:pass-store
Use pass online using onworks.net services
