pass is a command-line password manager that stores, retrieves, generates, and synchronizes passwords securely. It integrates directly with the user's PGP keys to store password in encrypted format on disk.
pass is written in bash and was created by Gentoo developer Jason A. Donenfeld (Zx2c4) .
USE flags for app-admin/pass Stores, retrieves, generates, and synchronizes passwords securely
||Use x11-misc/xclip to copy passwords to the clipboard.|
||Add support for x11-misc/dmenu with the 'passmenu' program.|
||Add support for GNU Emacs|
||Use dev-vcs/git for password revisions.|
||Allow importing passwords from other password managers using various contributed scripts.|
||Enable dev-libs/wayland backend|
emerge --ask app-admin/pass
A list of integrations for pass are available on the project website.
============================================ = pass: the standard unix password manager = = = = v1.7.4 = = = = Jason A. Donenfeld = = Jason@zx2c4.com = = = = http://www.passwordstore.org/ = ============================================ Usage: pass init [--path=subfolder,-p subfolder] gpg-id... Initialize new password storage and use gpg-id for encryption. Selectively reencrypt existing passwords using new gpg-id. pass [ls] [subfolder] List passwords. pass find pass-names... List passwords that match pass-names. pass [show] [--clip[=line-number],-c[line-number]] pass-name Show existing password and optionally put it on the clipboard. If put on the clipboard, it will be cleared in 45 seconds. pass grep [GREPOPTIONS] search-string Search for password files containing search-string when decrypted. pass insert [--echo,-e | --multiline,-m] [--force,-f] pass-name Insert new password. Optionally, echo the password back to the console during entry. Or, optionally, the entry may be multiline. Prompt before overwriting existing password unless forced. pass edit pass-name Insert a new password or edit an existing password using /usr/bin/vim. pass generate [--no-symbols,-n] [--clip,-c] [--in-place,-i | --force,-f] pass-name [pass-length] Generate a new password of pass-length (or 25 if unspecified) with optionally no symbols. Optionally put it on the clipboard and clear board after 45 seconds. Prompt before overwriting existing password unless forced. Optionally replace only the first line of an existing file with a new password. pass rm [--recursive,-r] [--force,-f] pass-name Remove existing password or directory, optionally forcefully. pass mv [--force,-f] old-path new-path Renames or moves old-path to new-path, optionally forcefully, selectively reencrypting. pass cp [--force,-f] old-path new-path Copies old-path to new-path, optionally forcefully, selectively reencrypting. pass git git-command-args... If the password store is a git repository, execute a git command specified by git-command-args. pass help Show this text. pass version Show version information. More information may be found in the pass(1) man page.
Users of Vim or Neovim should configure the editor not to write the password to disk when using pass edit, which can inadvertently happen with options such as
undofile. There is a plugin to set the appropriate options when the editor is editing a password file at https://dev.sanctum.geek.nz/code/vim-redact-pass.git (Gitweb). Like other Vim plugins, this can be installed using a plugin manager or by placing the files in an appropriate location manually.
emerge --ask --depclean --verbose app-admin/pass
- Password management tools — This meta article is dedicated to secure password generation, auditing of generated passwords for security, and management of existing passwords.
- Jason A. Donenfeld (Zx2c4) 's wiki page.
- https://vitalyparnas.com/guides/pass/ - A blog post covering clever uses of pass.