Purse/README.md

# Purse

![screencast gif](https://user-images.githubusercontent.com/12475110/40880505-3834ce1c-6667-11e8-89d0-6961886842c6.gif)

Purse is a fork of [drduh/pwd.sh](https://github.com/drduh/pwd.sh).

Both programs are shell scripts which use [GPG](https://www.gnupg.org/) to manage passwords in an encrypted text file. Purse uses asymmetric (public-key) authentication, while pwd.sh uses symmetric (password-based) authentication.

While both scripts use a trusted crypto implementation (GPG) and safely handle passwords (never saving plaintext to disk), Purse eliminates the need to remember and use a master password - just plug in a YubiKey, enter the PIN, then touch it to decrypt the password safe to stdout.

By using Purse with YubiKey, the risk of master password phishing and keylogging is eliminated - only physical possession of the key AND knowledge of the PIN can unlock the password safe.

# Installation

This script requires a GPG identity - see [drduh/YubiKey-Guide](https://github.com/drduh/YubiKey-Guide) to set one up.

To install Purse:
```console
$ git clone https://github.com/drduh/Purse
```
Edit `purse.sh` to specify your GPG key ID.

# Use

`cd Purse` and run the script interactively using `./purse.sh`:
* Type `w` to write a password.
* Type `r` to read a password.
* Type `d` to delete a password.
* Type `h` to print the help text.

Examples:

Create a 30-character password for `gmail`:
```console
$ ./purse.sh w gmail 30
```
Append `q` to create a password without displaying it.

Read password for `user@github`:
```console
$ ./purse.sh r user@github
```
Delete password for `reddit`:
```console
$ ./purse.sh d reddit
```
Copy password for `github` to clipboard (substitute `pbcopy` on macOS):
```console
$ ./purse.sh r github | cut -f 1 -d ' ' | awk 'NR==4{print $1}' | xclip
```
This script and encrypted `purse.enc` file can be publicly shared between trusted computers. For additional privacy, the recipient key ID is **not** included in GPG metadata.

See [drduh/config/gpg.conf](https://github.com/drduh/config/blob/master/gpg.conf) for additional GPG options.
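
The statement above that the recipient key ID is absent from the GPG metadata can be checked before `purse.enc` is shared. The following is an added example, not part of Purse: it assumes GnuPG 2.x, reads `gpg --list-packets` output, and treats an all-zero key ID as hidden; the function names and sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of Purse. check_file assumes GnuPG 2.x on PATH.

# Read `gpg --list-packets` output on stdin and classify the recipients:
#   hidden         every public-key packet carries an all-zero key ID
#   exposed <ids>  at least one packet names a real recipient key ID
#   none           no public-key packet seen (wrong file, or gpg failed)
recipient_status() {
  awk '
    /^:pubkey enc packet:/ {
      seen = 1
      for (i = 1; i < NF; i++)
        if ($i == "keyid" && $(i + 1) !~ /^0+$/) ids = ids " " $(i + 1)
    }
    END {
      if (!seen) print "none"
      else if (ids != "") print "exposed" ids
      else print "hidden"
    }'
}

# List the packets of a file, asking gpg not to attempt decryption
# (--list-only), and succeed only if every recipient is hidden.
check_file() {
  status=$(gpg --batch --list-only --list-packets "$1" 2>/dev/null | recipient_status)
  printf '%s: %s\n' "$1" "$status"
  [ "$status" = "hidden" ]
}

# Constructed listings in the format gpg prints; the key ID is made up.
SAMPLE_HIDDEN=':pubkey enc packet: version 3, algo 1, keyid 0000000000000000
	data: [4094 bits]
:encrypted data packet:'
SAMPLE_EXPOSED=':pubkey enc packet: version 3, algo 1, keyid 1A2B3C4D5E6F7081
	data: [4094 bits]
:encrypted data packet:'

printf 'hidden sample:  %s\n' "$(printf '%s\n' "$SAMPLE_HIDDEN" | recipient_status)"
printf 'exposed sample: %s\n' "$(printf '%s\n' "$SAMPLE_EXPOSED" | recipient_status)"
```

Run `check_file purse.enc` after sourcing the functions. A status of `none` means no public-key packet was found and should be treated as a failed check, not a pass.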
# Similar software
* [drduh/pwd.sh](https://github.com/drduh/pwd.sh)
* [bndw/pick: command-line password manager for macOS and Linux](https://github.com/bndw/pick)
* [Pass: the standard unix password manager](https://www.passwordstore.org/)
* [anders/pwgen: generate passwords using OS X Security framework](https://github.com/anders/pwgen)
* [caodonnell/passman.sh: a pwd.sh fork](https://github.com/caodonnell/passman.sh)