Skip to content
This repository has been archived by the owner. It is now read-only.


Switch branches/tags

Latest commit

*  feature(*): handle RSA encrypted (base64) passphrase

* Add how to avoid typing secret phrase description

Git stats


Failed to load latest commit information.
Latest commit message
Commit time


Go Report Card Github All Releases License

Cross Platform simple and secure password management from commandline.

  • Free open source software

  • Works on Linux, Mac OSX, Windows

  • Just a single portable binary file

Since the Password Safe file format is open-source and widely used, there are also compatible clients for many platforms.

You can choose to store all your passwords in a single encrypted master password database, or use multiple databases to further organize your passwords (work and home, for example).

Create a new password store (init)

| => pwsafe init -file test.dat
Secret phrase: *****
Secret phrase again: ***** 
👍 password store 'test.dat' successfully created

Add a new account info (push)

| => pwsafe push -file test.dat -url -user -pass abbraadabbra "My Cool Site"
Secret phrase: *****
👍 record successfully pushed to store 'test.dat'

Show a summary of all records (list)

| => pwsafe list -file test.dat
Secret phrase: *****

  My Cool Site  

Edit / Update a record (push)

| => pwsafe push -file test.dat -category Bank "My Cool Site"
Secret phrase: *****
👍 record successfully pushed to store 'test.dat'

Fetch a specific field content (pull)

| => pwsafe pull -file test.dat "my cool site"
Secret phrase: *****
  • by default `field=pass``

You can specify a field name

| => pwsafe pull -field url upwork
Secret phrase:

Copy a specific field value to clipboard (clip)

Useful if you want to grab the password without showing the record content.

| => pwsafe clip -file test.dat "my cool site"
Secret phrase: *****
👍 check your clipboard for the content of the field 'pass'
  • by default the password value is copied to clipboard (-pass)
    • you can also specify -url or -user.

Remove a record (remove)

| => pwsafe remove "my cool site"
Secret phrase: *****
👍 record successfully removed from store '/Users/lucasepe/Temp/test.dat'

How to avoid typing the secret phrase each time

Caution: use this method only if you are sure the you are the only one accessing to your computer!

Given PWSAFE_HOME=$HOME/.pwsafe as the pwsafe home folder.

The default database will reside in this folder named as vault.dat.

If you are tired to type each time the secret phrase, follow those steps:

Goto the $PWSAFE_HOME folder


Generate a private RSA key

Save it in a file called vault-pri.pem:

$ openssl genrsa -out vault-pri.pem 1024 

Export the public key

Save it in a file called vault-pub.pem:

$ openssl rsa -in vault-pri.pem -pubout -out vault-pub.pem 

Encrypt your secret phrase (base64 encode it)

Save it in a file called vault.key:

$ echo 'abbracadabbra!' | openssl rsautl -encrypt -inkey vault-pub.pem -pubin | base64 > vault.key

That's all!

Now you can access to data in your default database (vault.dat) without typing the secret phrase.

If you wants to enable the secret phrase typing again, simply remove the following files:

  • vault.key, vault-pri.key, vault-pub.key


PWSafe database file encryption/decryption derived from the original work of


Cross Platform simple and secure password management from commandline.








No packages published