February 8, 2018
Today we will look at some simple, portable yet effective ways to manage your passwords from the command line. You will need nothing more than apg and one of gnugpg or openssl along with your favorite text editor.
apt install apg gnupg openssl
Before you can manage your passwords, you will obviously first have
to generate them. Since your brain might be a very poor random number
generator you can use
A few examples for generating random passwords with apg follow:
# generate a few random passwords with default settings using /dev/random apg -c /dev/random # set password length to 20-30 characters and generate 10 passwords apg -m20 -x30 -n10 -c /dev/random Example output: gootCoHuecJarItOojBouFrag OignisholWulfisOdPearshed fekfedsornUgbacyoimyab ... # Other useful flags: #- a0 pronouncable # -a1 random # If you use -a1 you can specify the symbolset with -M # You can combine multiple -M options as in: -MCnS # -MC / -Mc must/can use small leters set # -MC / -Mc must/can use capital symbol set # -MN / -Mn must/can use numeral symbol set # -MS / -Ms must/can use special symbol set # Finally we can exclude specific characters from the symbol set with -E apg -a1 -m10 -MN -E 02345678 -c /dev/random Example output: 9119191199 9919119919 1199999911 ...
Just put the passwords in a plaintext file (named mypasswords in the examples below), along with related data and encrypt them symmetrically via gnupg. Decrypt them as needed. You will be prompted for a passphrase in each case.
Note that gnupg might cache your password for a few minutes, so don’t worry if you can decrypt them without beeing prompted.
#encrypyt. Don't forget to delete the source file gpg -c mypasswords #decrypt and write to STDOUT gpg -d mypasswords.gpg
You might prefer openssl, which some claim to be even more portable
#encrypyt. Don't forget to delete the source file openssl aes-256-cbc -salt -in mypasswords > mypasswords.aes #decrypt and write to STDOUT openssl aes-256-cbc -d -in mypasswords.aes
Adding, Editing or Deleting a password constitutes simply of the three steps: