pw is a Python tool to search in a GPG-encrypted password database.
Usage: pw [OPTIONS] [USER@][KEY] Search for USER and KEY in GPG-encrypted password database. Options: --copy / --no-copy copy password to clipboard (default) -E, --echo / --no-echo print password to console -L, --open / --no-open open link in browser -S, --strict / --no-strict fail unless precisely a single result has been found --raw / --no-raw output password only --database-path PATH path to password database --edit launch editor to edit password database -v, --version print version information and exit --help Show this message and exit.
pw, simply run:
$ pip install pw
Password Database, File Format, and Editing
By default, the password database is located at
~/.passwords.yaml.asc and automatically decrypted by using GnuPG if the file extension is
It uses a straighforward YAML format as in the following example, which is hopefully self-explanatory:
Mail: Google: - U: firstname.lastname@example.org P: "*****" L: https://mail.google.com/ - U: email@example.com P: "*****" N: "John's account" SSH: My Private Server: U: root P: "*****" N: "With great power comes great responsibility." (An Old Entry That Is Ignored): U: foo P: bar Mobile: PIN: 12345 # shortcut notation (only provide password)
To edit the database, use
pw --edit. This requires that the environment variable
PW_GPG_RECIPIENT is set to the key with which the database should be encrypted and invokes the editor specified in the
PW_EDITOR environment variable (make sure to use blocking mode, e.g.,
Warning: This feature requires that the password database is temporarily stored in plain text in the file system, data leaks may arise. To some extend, this can be mitigated by using, e.g.,
tmpfs and by providing the editor with the adequate options that ensure that no backup copies, swap files, etc. are created.