Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/emersion/webpass

A web interface for pass, a UNIX password manager
https://github.com/emersion/webpass

password web

Last synced: about 1 month ago
JSON representation

A web interface for pass, a UNIX password manager

Host: GitHub
URL: https://github.com/emersion/webpass
Owner: emersion
License: mit
Created: 2017-01-22T14:27:21.000Z (almost 8 years ago)
Default Branch: master
Last Pushed: 2022-05-24T13:00:33.000Z (over 2 years ago)
Last Synced: 2024-09-14T10:12:36.844Z (2 months ago)
Topics: password, web
Language: Go
Size: 49.8 KB
Stars: 12
Watchers: 4
Forks: 2
Open Issues: 4
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # webpass

A web interface for [pass](https://www.passwordstore.org/), a UNIX password manager.

## Usage

```shell

go get -u github.com/emersion/webpass/...

cd $GOPATH/src/github.com/emersion/webpass

npm install

gpg --export-secret-keys > private-key.gpg

webpass

```

Go to http://localhost:8080. You'll be first asked for your login password.

Once logged in, a list of your passwords is displayed. When you click on an

item, your PGP key password will be prompted and the password will be displayed.

You can now setup an HTTPS reverse proxy to webpass.

You can also choose not to store your encrypted PGP private key on the server,

in this case you'll have to carry it with you e.g. on a USB stick.

## Configuration

Create `config.json`:

```json

{

	"auth": {

		"type": "git",

		"url": "[email protected]:user/pass-store.git",

		"privatekey": "/home/user/.ssh/id_rsa"

	},

	"pgp": {

		"privatekey": "private-key.gpg"

	}

}

```

* `auth`: configures authentication. `auth.type` must be one of:

	* `none`: no authentication. You should configure HTTP authentication with

	a reverse proxy for instance.

	* `pam`: uses the current user's account.

	* `git`: uses a remote Git repository, which is cloned in memory when logging

	in. The repository's URL must be specified with `auth.url`, and a SSH

	private key can be specified with `auth.privatekey`.

* `pgp`: configures OpenPGP

	* `pgp.privatekey`: path to your OpenPGP private key. If not specified, your

	private key will be requested when decrypting a password.

## Security

Once logged in, the encrypted PGP key and the encrypted passwords will be served

by the API.

The PGP key password won't be sent to the server, since the passwords are

decrypted client-side.

## License

MIT