Skip to content

msun68/pass

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
agent.go
agent.go
 
 
config.go
config.go
 
 
crypto.go
crypto.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
prompt.go
prompt.go
 
 
ssh_keys.go
ssh_keys.go
 
 
ssh_keys_test.go
ssh_keys_test.go
 
 

Repository files navigation

pass (simple password manager)

Commands

  • pass init — initialize the password store; prompts for a passphrase and creates config under the OS user config dir (e.g., ~/Library/Application Support/pass/config.json on macOS)
  • pass serve — start the in-memory agent over a UNIX socket to cache the derived key
    • Env: PASS_AGENT_TCP_ADDR=127.0.0.1:5959 (optional TCP), PASS_AGENT_TOKEN=... (required when TCP enabled)
  • pass add — prompts for passphrase and password; stores encrypted under
  • pass — prompts for passphrase, decrypts, and prints the password

Details

  • Key derivation: Argon2id with the hostname as salt (64 MiB, t=3, p=1)
  • Encryption: AES-GCM; payload stored as base64(nonce||ciphertext) in JSON
  • Config path: os.UserConfigDir()/pass/config.json
  • Agent socket: os.UserConfigDir()/pass/agent.sock (0600)
  • Client envs: PASS_AGENT_ADDR (unix:/path.sock or tcp:host:port), PASS_AGENT_TOKEN (for TCP)
  • Container usage: run pass serve on host with PASS_AGENT_TCP_ADDR set; in container set PASS_AGENT_ADDR=tcp:host.docker.internal:PORT and PASS_AGENT_TOKEN to match

Schema (v6 only)

  • version: 6
  • vault.seal: base64(nonce||ciphertext) for token "ok"
  • vault.entries: object mapping name -> base64(nonce||ciphertext)

Build

  • go build

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages