safely is a command-line tool for managing passwords. It stores all your credentials in a simple JSON-formatted file, encrypted and signed using your private OpenPGP key: this makes it pretty secure and allows manual decryption of the database when needed.
- Simple database format and GPG-based encryption to avoid lock-in.
- Fool-proof command-line interface.
- Support for 2-factor authentication, based on the TOTP algorithm (compatible with e.g. google-authenticator).
- Support for password strength estimation.
Before starting, note that a running gpg-agent is required for secret key operations, which is generally a good thing since this way safely doesn't need to know your GPG key's passphrase.
You may also want to add the following definition to your gpg.conf
:
default-key <your_key_id>
Where <your_key_id>
is the ID of your key. This way the --keys <your_key_id>
argument used below can be omitted.
To install, simply run:
$ go get github.com/ghedo/safely
Here are a few usage examples:
- Create a new database:
$ safely --create --keys <your_key_id>
- Add a new account:
$ safely --add google.com --keys <your_key_id>
- Show password of a given account:
$ safely --pass google.com
- Generate a 2-factor authentication token (you need to provide the 2-factor secret key during --add or --edit):
$ safely --2fa google.com
- Save password to X clipboard:
$ safely --pass google.com | xclip -loops 1
- Search accounts matching a string:
$ safely --search google
- Remove account:
$ safely --remove google.com --keys <your_key_id>
See the man page for more information.
safely is distributed as source code. Build with:
$ go build
Copyright (C) 2014 Alessandro Ghedini [email protected]
See COPYING for the license.