Passpie: manage login credentials from the terminal
marcwebbie.ioSeems similar to 'pass' (http://www.passwordstore.org) but IMO without pass' killer feature: git integration. pass manages passwords as a directory tree of gpg encrypted files which can be easily synchronized with multiple machines using built-in git integration (not to mention all the other benefits of version control, like undo/redo, history, etc).
Version control is really cool for this sort of information. Unfortunately, pass leaks information in filenames, which is a pretty big problem for some uses. In my opinion, the version control needs to be built into the application to avoid all the potential side channel information leaks.
I think it's important to point out that whether something like this matters depends entirely on your security model. For example, an attacker learning that I have a gmail account isn't very useful information, so I don't consider it confidential. This is a property of most of my credentials.
The way pass is built on top of gpg encrypted files in git is at the core of its robustness and simplicity. Creating an encrypted, version controlled store from scratch would be a not insignificant engineering effort, though something similar could be accomplished, for example, by putting the password store inside encfs.
If the mere existence of a credential is considered confidential information, a simple measure to bypass this flaw is to give it a meaningless randomly generated name such as "faithful_iceberg".
I've been using pass for a while now. It's quite mature and stable. I use it with git and put it through encfs and sync it with dropbox. Works quite well.
I hope this matures enough to compete with `pass`
Hm, that's what put me off pass. I want to manage my own dotfiles git repository.
The git integration is optional. If you don't turn it on you just have a .password-store directory of gpg encrypted files. I don't see why you couldn't add that to your dot files git repo.
I am the author of Passpie and one of my goals with passpie was that it should be as configurable as possible. Pass(http://www.passwordstore.org) is a great and mature cli application and as with any great applications there are alternatives.
History (undo/redo) is planned on passpie, probably using git as well.
Some ideas are: passpie history --list passpie history --undo XYZ passpie history --redo ABC passpie history --backend git --redo 123 passpie history --sync
You may like pass you may like passpie you may like both. :)
For Fedora users:
http://copr-fe.cloud.fedoraproject.org/coprs/rkuska/passpie/