3 password managers for the Linux command line

Password managers for people who spend a lot of time in a terminal window.
367 readers like this.
Password

freeGraphicToday, via Pixabay. CC0.

We all want our passwords to be safe and secure. To do that, many people turn to password management applications like KeePassX or Bitwarden.

If you spend a lot of time in a terminal window and are looking for a simpler solution, you'll want to check out one of the many password managers for the Linux command line. They're quick, easy to use, and secure.

Let's take a look at three of them.

Titan

Titan is a password manager that doubles as a file-encryption tool. I'm not sure how well Titan works at encrypting files; I only looked at it as a password manager. In that capacity, it does a solid job.

Titan

opensource.com

Titan stores your passwords in an encrypted SQLite database, which you create and add a master passphrase to when you first fire up the application. Tell Titan to add a password and it asks for a name to identify it, a username, the password itself, a URL, and a comment about the password.

You can get Titan to generate a password for you, and you can search your database by an entry's name or numeric ID, by the name or comment, or using regular expressions. Viewing a specific password, however, can be a bit clunky. You either have to list all passwords and scroll through them to find the one you want to use, or you can view the password by listing the details of an entry using its numeric ID (if you know it).

Gopass

Gopass is billed as "the team password manager." Don't let that put you off. It's also great for personal use.

gopass

opensource.com

Gopass is an update of the venerable Unix and Linux Pass password manager written in the Go programming language. In true Linux fashion, you can either compile the source code or use an installer to get gopass on your computer.

Before you start using gopass, make sure you have GNU Privacy Guard (GPG) and Git on your system. The former encrypts and decrypts your password store, and the latter signs commits to a Git repository. If gopass is for personal use, you still need Git. You just don't need to worry about signing commits. If you're interested, you can learn about those dependencies in the documentation.

When you first start gopass, you need to create a password store and generate a secret key to secure that store. When you want to add a password (which gopass refers to as a secret), gopass asks you for information such as a URL, a username, and a note about the secret. You can have gopass generate the password for the secret you're adding, or you can enter one yourself.

As you need to, you can edit, view, or delete passwords. You can also view a specific password or copy it to your clipboard to paste it into a login form or window.

Kpcli

The open source password manager of choice for many people is either KeePass or KeePassX. Kpcli brings the features of KeePass and KeePassX to your nearest terminal window.

kpcli

opensource.com

Kpcli is a keyboard-driven shell that does most of what its graphical cousins can do. That includes opening a password database; adding and editing passwords and groups (which help you organize your passwords); or even renaming or deleting passwords and groups.

When you need to, you can copy a username and password to your clipboard to paste into a login form. To keep that information safe, kpcli also has a command to clear the clipboard. Not bad for a little terminal app.


Do you have a favorite command-line password manager? Why not share it by leaving a comment?

That idiot Scott Nesbitt ...
I'm a long-time user of free/open source software, and write various things for both fun and profit. I don't take myself all that seriously and I do all of my own stunts.

10 Comments

I can recommend you to try https://github.com/pwman3/pwman3
It's a tiny hackable password manager written in Python3.

(disclosure: I am the main author).

pass is sweet! gpg encryptioned passwords in a git repository. Using git allows any device with access (phone, tablet, laptop or workstation) to use and update passwords, even when not connected to the central repository. We tried keepass on a share, but we kept stepping on changes.

In reply to by victorhck

I think the first thing you must decide is whether a given password is worth fretting about. We all have a host of websites that we have to use a password for, but if someone "cracked" our login we wouldn't lose one thing of value.

I like kbsecret, it's a secrets manager someone made that uses Keybase's KBFS to store data on.

trespass is another cli tool to try. Written in python3 and on github.

Is there any password manager for RHEL or Centos machine ?

Any of the password managers listed in this article should work with REHL or CentOS.

In reply to by sushil rangari (not verified)

Creative Commons LicenseThis work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License.