GithubHelp home page GithubHelp logo

tteeoo / sest Goto Github PK

View Code? Open in Web Editor NEW
3.0 2.0 0.0 15.8 MB

🔑 A local command-line based password manager using AES-256 encryption.

License: BSD 2-Clause "Simplified" License

Go 100.00%
password-manager cryptography golang encryption go command-line

sest's Introduction

sest: secure strings

sest (pronounced "es ee es tee") is a local command-line password manager.

sest stores information in "containers", which are really just json files containing a password hash, salts, and some encrypted json.

Each container has its own master password which is used to access its contents.

A container stores data in key-value pairs, with a main value, and another optional value, used to store usernames.

sest works on Linux based systems and probably most other UNIX based systems (not tested).

Installation

If you have Go installed then simply clone the repo, cd into it, and run go install.

Otherwise, a Linux binary is provided with the latest release on GitHub.

The default directory where containers are stored is $HOME/.sest, set the environment variable SEST_DIR to change this (no slash at the end).

Usage

sest [-h | --help ] 
     [-V | --verison]
     [<command> [arguments]]

Commands

ls                     lists all containers
mk  <container>        makes a new container
ln  <container>        lists all keys in a container
chp <container>        changes a container's password
del <container>        deletes a container
in  <container> <key>  stores a new key-value pair in a container or changes an existing key
cp  <container> <key>  copies the value of a key from a container to the clipboard (requires xclip)
rm  <container> <key>  removes a key-value pair from a container
out <container> <key>  prints out the value of a key from a container
exp <container> <path> export a container to a json file
imp <container> <path> import a container from a json file

Security

To be frank, I am no cryptography expert, and one may find a flaw in this system. I'm (interpret this how you wish) 99% sure that it's perfectly fine for storing sensitive information.

So, here's how it works:

  • A random salt is generated and used with your password in an Argon2id hash
  • Another random salt is generated and also stored alongside the above two values (base64 encoded) in every container
  • The data of each container is encrypted with AES-256 GCM using your (verified) password Argon2 hashed with the other salt as the key

License

sest is licensed under the BSD 2-clause license, use this program at your own risk; it offers no warranty for stolen information.

sest's People

Contributors

tteeoo avatar greerpage avatar dependabot[bot] avatar

Stargazers

Jairo Morales Pérez avatar Thiago Zilli Sarmento avatar avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.