https://github.com/defund/pw

Command line password manager
https://github.com/defund/pw

Last synced: 4 days ago
JSON representation

Command line password manager

• Host: GitHub
• URL: https://github.com/defund/pw
• Owner: defund
• Created: 2019-10-07T07:22:08.000Z (about 5 years ago)
• Default Branch: master
• Last Pushed: 2019-10-07T07:58:40.000Z (about 5 years ago)
• Last Synced: 2024-08-01T21:49:36.230Z (3 months ago)
• Language: Rust
• Homepage:
• Size: 12.7 KB
• Stars: 8
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
### Usage

* `pw` list all entries

* `pw add` add new entry

* `pw del` delete entry

* `pw ` generate password for entry; `name` can refer to either an entry's name or shortened name

> ##### Can I still create entries with names `add` and `del`?

> You can, but you won't be able to reference it to generate a password. Suck it up :p

All data is stored in the user's home directory under the filename `.pw.json` by default. You can overwrite the path with the `PW_PATH` environment variable.

> ##### How do I stop people from messing with my data?

> Each entry is tamper-resistant (see crypto), but that won't stop somebody from deleting entries, duplicating entries, or malforming the data in general. I'd suggest setting read-only permissions for your user, since list and generate are read-only operations. When you want to add or delete entries, just run as superuser.

### Crypto

Each entry is individually encrypted and authenticated with ChaCha20/Poly1305. The key is derived with Argon2id from the master key and a randomly generated 16-byte salt. The plaintext is the UTF-8 encoding of the password. The additionally associated data consists of the entry name, shortened name, and extra data. The exact construction is `SHA256(name) || SHA256(short) || SHA256(extra)` to avoid collisions.

### Building

```

cargo +nightly build --release

```

The binary is located at `target/release/pw`.