https://github.com/yds12/guarakapa

Password manager for the terminal.
https://github.com/yds12/guarakapa

cli command-line cryptography password password-manager rust terminal tui

Last synced: 2 days ago
JSON representation

Password manager for the terminal.

• Host: GitHub
• URL: https://github.com/yds12/guarakapa
• Owner: yds12
• License: mit
• Created: 2021-07-14T17:42:38.000Z (over 3 years ago)
• Default Branch: master
• Last Pushed: 2023-08-20T16:48:40.000Z (about 1 year ago)
• Last Synced: 2023-08-20T17:45:16.211Z (about 1 year ago)
• Topics: cli, command-line, cryptography, password, password-manager, rust, terminal, tui
• Language: Rust
• Homepage:
• Size: 85 KB
• Stars: 3
• Watchers: 1
• Forks: 1
• Open Issues: 11
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
![tests](https://github.com/yds12/guarakapa/actions/workflows/build_and_test.yml/badge.svg)

**This is a work in progress. Please do not trust it with your passwords.**

A password manager for the Linux (X11) terminal written in Rust.

# Install and Run

Install dependencies (`openssl`, `libxcb-shape` and `libxcb-xfixes`).

For Ubuntu:

    $ apt install libssl-dev libxcb-shape0-dev libxcb-xfixes0-dev

Install using cargo:

    $ git clone https://github.com/yds12/guarakapa

    $ cd guarakapa

    $ cargo install --path .

And run:

    $ kapa

Run tests with:

    $ cargo test -- --test-threads=1               # all tests

    $ cargo test --bins --lib                      # unit tests

    $ cargo test --test '*' -- --test-threads=1    # integration tests

For now, we have to avoid running integration tests in parallel because they

all manipulate the same data file.

# About

This project started with the purpose of learning Rust, how to use its testing

tools, and the basics of cryptography.

It is a command line program for Linux that enables you to save your passwords

and retrieve them (using a master password) directly via the clipboard.

The core design principles are:

* **Minimalism:** keep the source code, number of dependencies, binary size and

compilation time as small as possible;

* **Security:** use standard highly-secure cryptography algorithms, only decrypt

what is necessary at a given moment, keep track of the version used to create

the password file, extensive use of tests;

* **Usability:** we strive to make it as easy as possible to use in a terminal.

We took some inspiration from

[rooster](https://github.com/conradkleinespel/rooster).

## Features

* Entries have an entry name, a description, a username, an email, other notes,

and a password as fields;

* List entries: only entry names are decrypted, not the entries themselves;

* Add new entry: user is prompted about the entry fields;

* Retrieve entry: user types the entry name, the selected entry is shown,

password is stored in the clipboard;

* Passwords should not be visible when user is typing;

* Find your password file;

* Find which version of the program was used to create your password file, so

that in case there is a breaking change you can still recover it with an older

version.

## Commands and Usage

The basic commands are:

    $ kapa                   # creates a new data file, or, if it already

                             # exists, displays the help text

    $ kapa ls                # lists entry names

    $ kapa       # gets entry with specified name

    $ kapa add   # adds entry with specified name

Learn more about all the commands and options with:

    $ kapa --help

Backups can be done by copying the password file (find it with `kapa path`).

We might implement an export function to export everything unencrypted to a

JSON, TOML or YAML file.

# Cryptography

We will use AES-256 in CBC mode for encryption. An initialization vector (IV) is

randomly generated and stored with each message/entry. For the moment, we have

no plans to use MAC or anything for authentication -- i.e. you will not be able

to tell if the data has been tampered with.