2018-06-02 20:31:01 +00:00
# Purse
2015-07-02 02:11:49 +00:00
2018-06-02 20:31:01 +00:00
![screencast gif ](https://user-images.githubusercontent.com/12475110/40880505-3834ce1c-6667-11e8-89d0-6961886842c6.gif )
2015-07-02 02:11:49 +00:00
2018-06-02 20:31:01 +00:00
Purse is a fork of [pwd.sh ](https://github.com/drduh/pwd.sh/ ).
Both programs are shell scripts which use GPG to manage passwords in an encrypted file. Purse uses asymmetric (public-key) encryption, while pwd.sh uses a symmetric (password) scheme.
While both are reasonably secure by using a trusted crypto implementation (GPG) and safe handling of password input, Purse eliminates the need to remember or use a master password to unlock. Just plug in the key, enter the PIN to unlock it, then touch to decrypt Purse passwords.
By using GPG keys and a hardware token like YubiKey, the risk of master password phishing or keylogging is eliminated; only physical possession of the hardware token AND knowledge of its PIN code may unlock private material.
2015-07-02 02:11:49 +00:00
# Installation
2018-06-02 20:31:01 +00:00
This script requires an existing GPG key and is intended to be used with a YubiKey or other hardware token for storing the private key.
See [YubiKey Guide ](https://github.com/drduh/YubiKey-Guide/ ) for instructions on setting one up.
2015-07-03 04:52:34 +00:00
2018-06-02 20:31:01 +00:00
To install the script:
```
git clone https://github.com/drduh/purse
```
Then modify it to use the preferred GPG key ID.
2015-07-03 04:52:34 +00:00
2015-07-02 02:11:49 +00:00
# Use
2018-06-02 20:31:01 +00:00
`cd purse` and run the script interactively using `./purse.sh`
2015-07-31 04:14:09 +00:00
2018-06-02 20:31:01 +00:00
* Type `w` to write a password.
2015-07-02 02:11:49 +00:00
2018-06-02 20:31:01 +00:00
* Type `r` to read a password.
2015-07-02 02:11:49 +00:00
2018-06-02 20:31:01 +00:00
* Type `d` to delete a password.
2015-07-02 02:31:38 +00:00
2015-10-31 02:25:03 +00:00
Options can also be passed on the command line.
2015-07-31 04:14:09 +00:00
2018-06-02 20:31:01 +00:00
Create password with length of 30 characters for `gmail` :
2015-07-31 04:14:09 +00:00
2018-06-02 20:31:01 +00:00
./purse.sh w gmail 30
2015-07-31 04:35:35 +00:00
2015-10-31 02:25:03 +00:00
Append `<space>q` to suppress generated password output.
2015-07-31 04:35:35 +00:00
2018-06-02 20:31:01 +00:00
Read password for `user@github` :
2015-07-31 04:53:28 +00:00
2018-06-02 20:31:01 +00:00
./purse.sh r user@github
2015-07-31 04:53:28 +00:00
2018-06-02 20:31:01 +00:00
Delete password for `reddit` :
2015-07-02 02:03:55 +00:00
2018-06-02 20:31:01 +00:00
./purse.sh d reddit
2015-10-31 02:25:03 +00:00
2018-06-02 20:31:01 +00:00
Copy password for `github` to clipboard on macOS:
2015-10-31 02:25:03 +00:00
2018-06-02 20:31:01 +00:00
./purse.sh r github | cut -f 1 -d ' ' | awk 'NR==4{print $1}' | pbcopy
2015-10-31 02:25:03 +00:00
2018-06-02 20:31:01 +00:00
The script and encrypted `.purse` ciphertext file can be publicly shared between computers.
2015-10-31 02:25:03 +00:00
2016-05-15 23:44:23 +00:00
A recommended `~/.gnupg/gpg.conf` configuration file can be found at [drduh/config/gpg.conf ](https://github.com/drduh/config/blob/master/gpg.conf ).
2015-08-05 02:48:09 +00:00
2015-09-21 23:23:13 +00:00
# Similar software
2015-08-05 02:48:09 +00:00
2018-06-02 20:31:01 +00:00
[pwd.sh ](https://github.com/drduh/pwd.sh/ )
2015-08-05 02:48:09 +00:00
[Pass: the standard unix password manager ](http://www.passwordstore.org/ )
2015-09-21 23:23:13 +00:00
[caodonnell/passman.sh: a pwd.sh fork ](https://github.com/caodonnell/passman.sh )
2016-02-14 21:32:57 +00:00
[bndw/pick: a minimal password manager for OS X and Linux ](https://github.com/bndw/pick )
2015-09-21 23:23:13 +00:00
[anders/pwgen: generate passwords using OS X Security framework ](https://github.com/anders/pwgen )