Perfect World Manager (pwm)
The perfect world manager is an attempt to build a simple but secure password manager for the cli.
This is work in progress and has not been audited by security experts. Do NOT use for your actual passwords yet!
How?
The procedure is pretty simple.
To retrieve passwords a gpg encrypted Yaml file is opened, decrypted, deserialized and the password is displayed to the user.
To add new passwords the encrypted file is opened and decrypted. The new password is added to the data (a simple Ruby hash), the data is serialized to Yaml, encrypted by gpg and written to disk.
This should make it even possible to sync the password "database" between machines using Dropbox or other "untrusted" services. (I actually trust Dropbox, but they should not get my passwords.)
Install
Dependencies
You need an installed and set up version of gnupg. It should be available in the package repo of your linux distribution. Check out the GPGTools project, if you are on a Mac.
In addition you need at least Ruby 1.9.
pwm
Install the gem.
gem install perfect_world
Or clone the repo.
git clone https://github.com/ushis/perfect_world.git
cd perfect_world
bundle install
rake spec
rake build
Usage
$ pwm --help
Usage: pwm [options]
Options:
-b, --backup FILE Writes a backup to another database.
-c, --config FILE Specifies the path to the config file.
-C, --clipboard Copies the password to the clipboard.
-d, --delete ID Deletes the password.
-D, --database [FILE] Prints or sets the used database.
-f, --force Override existing password.
-g, --get ID Prints the password for an ID.
-G, --generate ID Generates and stores a new passord.
--gpgdir DIR Sets the path to the GPG directory.
-h, --help Prints this message and exits.
-l, --list Lists all passwords.
-L, --length [LENGTH] Prints or sets the length of new passwords.
-o, --owner [OWNER] Prints or sets the encryption recipient.
--version Prints the version and exits.
Examples
Let's create some passwords.
$ pwm --generate github
9&sq'8Gz.Bpb8#%M.T-Xyi#&.sDcTYFE.=qFyEbld-Z[wA'By75y?NA?qUy}U>xd
$ pwm --generate google
8UN:'I1^M)H\kj'U{4l!.tK3\v9V+}L4$XNal-\rzE@c\["&u#@#TRINt5"Jj[6A
And retrieve them.
$ pwm --list
9&sq'8Gz.Bpb8#%M.T-Xyi#&.sDcTYFE.=qFyEbld-Z[wA'By75y?NA?qUy}U>xd github
8UN:'I1^M)H\kj'U{4l!.tK3\v9V+}L4$XNal-\rzE@c\["&u#@#TRINt5"Jj[6A google
Or just one.
$ pwm --get github
9&sq'8Gz.Bpb8#%M.T-Xyi#&.sDcTYFE.=qFyEbld-Z[wA'By75y?NA?qUy}U>xd
Directly to the clipboard.
$ pwm --clipboard --get google
Copied your google password to the clipboard.
Override an existing password.
$ pwm --force --generate google
gi>VlHK<=m2D+}8X4P\(-yB6(<Jk'/9^-JAwCjK|!j-$exDe83g8[CD.n^%cYxO7
And delete one.
$ pwm --delete google
Deleted your google password.
Config file
pwm looks for the config file at ~/.pwmrc
by default. This can be
changed with the --config
switch. It contains straight forward Yaml.
---
owner: [email protected] # Used as encryption recipient by GPG.
length: 64 # Length of the generated password.
gpgdir: /home/ushi/.gnupg # Path to the GnuPG home dir.
database: /home/ushi/.pwm.yml.gpg # Path to the password database.
Clipboard
The clipboard feature should work out of the box on Mac OS. If you are on a
Linux system you need to install xclip
or xsel
to make it work.
License (MIT)
Copyright (c) 2013 ushi [email protected]
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.