Perfect World Manager (pwm)

Build Status Dependency Status Code Climate

The perfect world manager is an attempt to build a simple but secure password manager for the cli.

This is work in progress and has not been audited by security experts. Do NOT use for your actual passwords yet!

How?

The procedure is pretty simple.

To retrieve passwords a gpg encrypted Yaml file is opened, decrypted, deserialized and the password is displayed to the user.

To add new passwords the encrypted file is opened and decrypted. The new password is added to the data (a simple Ruby hash), the data is serialized to Yaml, encrypted by gpg and written to disk.

This should make it even possible to sync the password "database" between machines using Dropbox or other "untrusted" services. (I actually trust Dropbox, but they should not get my passwords.)

Install

Dependencies

You need an installed and set up version of gnupg. It should be available in the package repo of your linux distribution. Check out the GPGTools project, if you are on a Mac.

In addition you need at least Ruby 1.9.

pwm

Install the gem.

gem install perfect_world

Or clone the repo.

git clone https://github.com/ushis/perfect_world.git
cd perfect_world
bundle install
rake spec
rake build

Usage

$ pwm --help
Usage: pwm [options]

Options:
    -b, --backup FILE                Writes a backup to another database.
    -c, --config FILE                Specifies the path to the config file.
    -C, --clipboard                  Copies the password to the clipboard.
    -d, --delete ID                  Deletes the password.
    -D, --database [FILE]            Prints or sets the used database.
    -f, --force                      Override existing password.
    -g, --get ID                     Prints the password for an ID.
    -G, --generate ID                Generates and stores a new passord.
        --gpgdir DIR                 Sets the path to the GPG directory.
    -h, --help                       Prints this message and exits.
    -l, --list                       Lists all passwords.
    -L, --length [LENGTH]            Prints or sets the length of new passwords.
    -o, --owner [OWNER]              Prints or sets the encryption recipient.
        --version                    Prints the version and exits.

Examples

Let's create some passwords.

$ pwm --generate github
9&sq'8Gz.Bpb8#%M.T-Xyi#&.sDcTYFE.=qFyEbld-Z[wA'By75y?NA?qUy}U>xd
$ pwm --generate google
8UN:'I1^M)H\kj'U{4l!.tK3\v9V+}L4$XNal-\rzE@c\["&u#@#TRINt5"Jj[6A

And retrieve them.

$ pwm --list
9&sq'8Gz.Bpb8#%M.T-Xyi#&.sDcTYFE.=qFyEbld-Z[wA'By75y?NA?qUy}U>xd   github
8UN:'I1^M)H\kj'U{4l!.tK3\v9V+}L4$XNal-\rzE@c\["&u#@#TRINt5"Jj[6A   google

Or just one.

$ pwm --get github
9&sq'8Gz.Bpb8#%M.T-Xyi#&.sDcTYFE.=qFyEbld-Z[wA'By75y?NA?qUy}U>xd

Directly to the clipboard.

$ pwm --clipboard --get google
Copied your google password to the clipboard.

Override an existing password.

$ pwm --force --generate google
gi>VlHK<=m2D+}8X4P\(-yB6(<Jk'/9^-JAwCjK|!j-$exDe83g8[CD.n^%cYxO7

And delete one.

$ pwm --delete google
Deleted your google password.

Config file

pwm looks for the config file at ~/.pwmrc by default. This can be changed with the --config switch. It contains straight forward Yaml.

---
owner: [email protected]            # Used as encryption recipient by GPG.
length: 64                         # Length of the generated password.
gpgdir: /home/ushi/.gnupg          # Path to the GnuPG home dir.
database: /home/ushi/.pwm.yml.gpg  # Path to the password database.

Clipboard

The clipboard feature should work out of the box on Mac OS. If you are on a Linux system you need to install xclip or xsel to make it work.

License (MIT)

Copyright (c) 2013 ushi [email protected]

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.