diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 37e21a7..0000000 --- a/.gitignore +++ /dev/null @@ -1 +0,0 @@ -pwd.sh.safe diff --git a/LICENSE.md b/LICENSE.md index 3ae38bc..0fc4e48 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2015 drduh +Copyright (c) 2015-2019 drduh Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal @@ -18,4 +18,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. \ No newline at end of file +THE SOFTWARE. diff --git a/README.md b/README.md index c98e4e9..977b6cb 100644 --- a/README.md +++ b/README.md @@ -4,56 +4,61 @@ Script to manage passwords in an encrypted file using gpg. ![screencast gif](https://i.imgur.com/sQoF3VN.gif) -**New!** [Purse](https://github.com/drduh/Purse) is a fork which uses public key authentication instead of a master passphrase and can integrate with YubiKey. +**New!** [drduh/Purse](https://github.com/drduh/Purse) is a fork which uses public key authentication instead of a master passphrase and can integrate with YubiKey. # Installation - git clone https://github.com/drduh/pwd.sh - -Requires `gpg` - install with `brew install gpg` or `sudo apt-get install gnupg` or build and install it from [source](https://www.gnupg.org/download/index.html). +```console +$ git clone https://github.com/drduh/pwd.sh +``` # Use -Run the script interactively using `cd pwd.sh && ./pwd.sh` or symlink to a folder in `$PATH` and run directly. - -Type `w` to write a password. +`cd pwd.sh` and run the script interactively using `./pwd.sh` -Type `r` to read a password. - -Type `d` to delete a password. +* Type `w` to write a password. +* Type `r` to read a password. +* Type `d` to delete a password. +* Type `h` to print the help text. Options can also be passed on the command line. -Create password with length of 30 characters for *gmail*: - - ./pwd.sh w gmail 30 +Examples: -Append `q` to suppress generated password output. +Create 30-character password for `gmail`: -Read password for *user@github*: +```console +$ ./pwd.sh w gmail 30 +``` - ./pwd.sh r user@github +Append `q` to create a password without displaying it. -Delete password for *dropbox*: +Read password for `user@github`: - ./pwd.sh d dropbox +```console +$ ./pwd.sh r user@github +``` -Copy password for *github* to clipboard on OS X: +Delete password for `dropbox`: - ./pwd.sh r github | cut -f 1 -d ' ' | awk 'NR==3{print $1}' | pbcopy +```console +$ ./pwd.sh d dropbox +``` -The script and encrypted `pwd.sh.safe` file can be safely shared between computers, for example through Google Drive or Dropbox. +Copy password for `github` to clipboard (substitute `pbcopy` on macOS): -A recommended `~/.gnupg/gpg.conf` configuration file can be found at [drduh/config/gpg.conf](https://github.com/drduh/config/blob/master/gpg.conf). +```console +$ ./pwd.sh r github | cut -f 1 -d ' ' | awk 'NR==3{print $1}' | xclip +``` -# Similar software - -[Purse](https://github.com/drduh/Purse) +The script and encrypted `pwd.sh.safe` file can be publicly shared between trusted computers. -[Pass: the standard unix password manager](http://www.passwordstore.org/) +See [drduh/config/gpg.conf](https://github.com/drduh/config/blob/master/gpg.conf) for additional GPG options. -[caodonnell/passman.sh: a pwd.sh fork](https://github.com/caodonnell/passman.sh) - -[bndw/pick: a minimal password manager for OS X and Linux](https://github.com/bndw/pick) +# Similar software -[anders/pwgen: generate passwords using OS X Security framework](https://github.com/anders/pwgen) +* [drduh/Purse](https://github.com/drduh/Purse) +* [Pass: the standard unix password manager](https://www.passwordstore.org/) +* [caodonnell/passman.sh: a pwd.sh fork](https://github.com/caodonnell/passman.sh) +* [bndw/pick: command-line password manager for macOS and Linux](https://github.com/bndw/pick) +* [anders/pwgen: generate passwords using OS X Security framework](https://github.com/anders/pwgen) diff --git a/pwd.sh b/pwd.sh index cf65835..46aa09f 100755 --- a/pwd.sh +++ b/pwd.sh @@ -1,9 +1,12 @@ #!/usr/bin/env bash +# https://github.com/drduh/pwd.sh set -o errtrace set -o nounset set -o pipefail +umask 077 + filter="$(command -v grep) -v -E" gpg="$(command -v gpg || command -v gpg2)" safe="${PWDSH_SAFE:=pwd.sh.safe}" @@ -62,7 +65,7 @@ encrypt () { read_pass () { # Read a password from safe. - if [[ ! -s ${safe} ]] ; then fail "No password safe found" ; fi + if [[ ! -s ${safe} ]] ; then fail "${safe} not found" ; fi if [[ -z "${2+x}" ]] ; then read -r -p " Username (Enter for all): " username @@ -84,8 +87,8 @@ read_pass () { gen_pass () { # Generate a password. - len=50 - max=100 + len=20 + max=80 if [[ -z "${3+x}" ]] ; then read -p " @@ -158,16 +161,14 @@ print_help () { echo " pwd.sh is a shell script to manage passwords with GnuPG symmetric encryption. - The script can be run interactively as './pwd.sh' or with the following args: + pwd.sh can be used interactively as or with one of the following options: * 'r' to read a password * 'w' to write a password * 'd' to delete a password - * 'h' to see this help text - - A username can be supplied as an additional argument or 'all' for all entries. + * 'h' to print this help text - For writing, a password length can be appended. Append 'q' to suppress output. + A username, password length and 'q' options can also be used. Examples: @@ -183,7 +184,7 @@ print_help () { ./pwd.sh w github 50 - * To suppress the generated password: + * Generate a password and write without displaying it: ./pwd.sh w github 50 q @@ -191,11 +192,7 @@ print_help () { ./pwd.sh d mail - A password cannot be supplied as an argument, nor is used as one throughout - the script, to prevent it from appearing in process listing or logs. - - To report a bug, visit https://github.com/drduh/pwd.sh - " + A password cannot be supplied as an argument, nor is used as one in the script, to prevent it from appearing in process listing or logs." }