BlackWindBooks.com | Newsletter! | risingthumb.xyz | achtung.risingthumb.xyz | github.com/RisingThumb | site map

risingthumb.xyz Lucky you, reading the best!

pass

What is pass? It's just a password manager. It works by using gpg encrypted files which are your passwords. This means they are encrypted and safe. It's also a password manager that is offline, so that means you have no issues with hosting it. You can if you would like, host your gpg encrypted passwords in a git repository, or in the cloud, or on an online machine so you can get them using rsync or some other file transfer tool.

There's a number of commands I will share here.

pass init passwordStoreName 

This lets you initialise a password store. A password store is just a place for your passwords to be stored hence the name. This is where gpg-encryption comes in, as all the passwords are encrypted using your gpg password. There is technically more involved that you can find out using `man pass`, as pass is really just a very nice and convenient frontend for gpg.

pass add passwordName 

This lets you add a password under that password name. When you do it, you'll be prompted for a password. Unless I am adding a password that I already know, I usually do not use this, as the next command is far more useful.

pass generate passwordName 20 

This lets you generate a cryptographically strong password for the password named passwordName that is 20 characters long. It's fairly obvious why this is good, because it means you don't use the same password for each online service, nor have to remember them.

pass ls 

This gives you a list of all password names in the password store.

Now you know all the password names(not their values) in your password store, now you need to acquire a password? Simple.

pass passwordName 

This will prompt you for your gpg password, and if successful in decryption, give you the password. There is more you can do with this command that is beyond the scope of this article, such as multiple password stores, and using more than one gpg key for your password encryption. There's even OTP(One Time Passwords, the timed 6 character codes) that you can use with it.

A demonstration use is listed below.

#!/usr/bin/env bash 

shopt -s nullglob globstar

typeit=0
if [[ $1 == "--type" ]]; then
typeit=1
shift
fi

prefix=${PASSWORD_STORE_DIR-~/.password-store}
password_files=( "$prefix"/**/*.gpg )
password_files=( "${password_files[@]#"$prefix"/}" )
password_files=( "${password_files[@]%.gpg}" )

password=$(printf '%s\n' "${password_files[@]}" | dmenu "$@")

[[ -n $password ]] || exit

if [[ $typeit -eq 0 ]]; then
pass show -c "$password" 2>/dev/null
else
pass show "$password" | { IFS= read -r pass; printf %s "$pass"; } |
xdotool type --clearmodifiers --file -
fi

For reference, dmenu is a suckless utility. This script is not my own, but is zx2c4's script I am using as an example.

=> Passmenu source code.

This script takes the list of passwords, lets you select one in the interface created by dmenu, and when you select one, copies it to the clipboard so you can paste it in the respective password box for any account you need to log into. I also have this mapped to a keybind in DWM, "Mod+Shift+P", so any time I need a password, I can get it("Mod+P" is used for pausing music which I do more frequently than I get passwords).

As you can see, it follows the UNIX philosophy pretty well, making it very useful as a password manager. It dodges the issues of contemporary online password managers that are centralised and very much so freedom-restricting, leveraging the passwords to make money from the end users. The fact it's gpg-encrypted means it's also good to use with cloud storage solutions. Overall, it's a tool oft-overlooked by people.

Published on 2022/10/06

Articles from blogs I follow around the net

Movies: Daredevil: Born Again (2025-)

Matt Murdock finds himself on a collision course with Wilson Fisk when their past identities begin to emerge. Properly done, it continues properly the Netflix-based series, setting the proper dark mood and featuring the great role done by Vincent D’Onofrio…

via andrei.xyz July 24, 2025

THE REPUBLIC #12

ROGER DESU! New silo. No more speeches. Not for a while, at least. I've decided to try my hand at telescreenplays, at the expense of fewer helicopter rides, fewer struggle sessions in darkened rooms, and fewer new bosses mad with hallucinated electora…

via I'm not really Stanley Lieber. July 23, 2025

thecozycat ❤️ Playing the new Tamagotchi Paradise! (Water)

Playing the new Tamagotchi Paradise! (Water)

via thecozycat July 23, 2025

Generated by openring