CLI to manage passwords
- Simple CRUD operations for passwords
- Multiple keyring backends via cargo features:
- D-Bus Secret Service on Linux (requires
dbus-secret-servicefeature) - Z-Bus Secret Service on Linux (requires
zbus-secret-servicefeature) - Keyutils on Linux (requires
keyutilsfeature) - Apple Keychain on macOS (requires
apple-keychainfeature) - Windows Credential Manager (requires
windows-credential-managerfeature)
- D-Bus Secret Service on Linux (requires
- TOML configuration
- JSON output with
--json
Mimosa CLI is written in Rust, and relies on cargo features to enable or disable functionalities. Default features can be found in the features section of the Cargo.toml, or on docs.rs.
Mimosa CLI can be installed with the installer:
As root:
curl -sSL https://raw.githubusercontent.com/pimalaya/mimosa/master/install.sh | sudo sh
As a regular user:
curl -sSL https://raw.githubusercontent.com/pimalaya/mimosa/master/install.sh | PREFIX=~/.local sh
These commands install the latest binary from the GitHub releases section.
Mimosa CLI can be installed with cargo:
cargo install mimosa
You can also use the git repository for a more up-to-date (but less stable) version:
cargo install --locked --git https://github.com/pimalaya/mimosa.git
Mimosa CLI can be installed with Nix:
nix-env -i mimosa
You can also use the git repository for a more up-to-date (but less stable) version:
nix-env -if https://github.com/pimalaya/mimosa/archive/master.tar.gz
If you have the Flakes feature enabled:
nix profile install mimosa
You can also run Mimosa directly without installing it:
nix run mimosa
The wizard is not yet available (it should come soon), meanwhile you can manually edit your own configuration from scratch:
- Copy the content of the documented
./config.sample.toml - Paste it into a new file
~/.config/mimosa/config.toml - Edit, then comment or uncomment the options you want
You can either give the password as an argument, give a path of a valid file containing your password, or using Unix pipes or redirection:
$ mimosa password write ***
$ mimosa password write /path/to/***
$ mimosa password write < /path/to/***
$ echo *** | mimosa password write
Password successfully written to keyring
$ mimosa password read
***
With the --json argument:
$ mimosa password read --json
{"password":"***"}
$ mimosa password remove
Password successfully removed from example
The simplest way is to use --debug and/or --trace arguments.
The advanced way is based on environment variables:
RUST_LOG=<level>: determines the log level filter, can be one ofoff,error,warn,info,debugandtrace.RUST_BACKTRACE=1: enables the full error backtrace, which include source lines where the error originated from.
Logs are written to the stderr, which means that you can redirect them easily to a file:
mimosa password read --debug 2>/tmp/mimosa.log
- Chat on Matrix
- News on Mastodon or RSS
- Mail at pimalaya.org@posteo.net
Special thanks to the NLnet foundation and the European Commission that have been financially supporting the project for years:
- 2022: NGI Assure
- 2023: NGI Zero Entrust
- 2024: NGI Zero Core (still ongoing in 2026)
If you appreciate the project, feel free to donate using one of the following providers:
