1 .\" Copyright (c) 2021, 2022 Omar Polo <op@omarpolo.com>
2 .\"
3 .\" Permission to use, copy, modify, and distribute this software for any
4 .\" purpose with or without fee is hereby granted, provided that the above
5 .\" copyright notice and this permission notice appear in all copies.
6 .\"
7 .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
10 .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
12 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
13 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14 .Dd October 5, 2022
15 .Dt PLASS 1
16 .Os
17 .Sh NAME
18 .Nm plass
19 .Nd manage passwords
20 .Sh SYNOPSIS
21 .Nm
22 .Op Fl h
23 .Ar command
24 .Op Ar argument ...
25 .Sh DESCRIPTION
26 .Nm
27 is a simple password manager.
28 Passwords are stored as a directory tree where every password is a
29 file encrypted with
30 .Xr gpg 1 .
31 .Pp
32 A password store is a
33 .Xr got 1
34 repository with a worktree checked out at
35 .Pa ~/.password-store
36 .Pq or Ev PLASS_STORE .
37 The only restriction is that a special file called
38 .Pa .gpg-id
39 containing the GPG recipient must exist in the root of the directory tree
40 for most
41 .Nm
42 commands to work.
43 .Pp
44 Password entries can be referenced using the path relative to the
45 store directory.
46 The file extension
47 .Dq \&.gpg
48 is optional.
49 .Pp
50 .Nm
51 provides global and command-specific options.
52 Global options must precede the command name, and are as follows:
53 .Bl -tag -width Ds
54 .It Fl h
55 Display usage information and exit immediately.
56 .El
57 .Pp
58 The following commands are available:
59 .Bl -tag -width Ds
60 .It Cm cat Ar entries ...
61 Decrypt and print the content of
62 .Ar entries
63 in the given order.
64 .It Cm find Op Ar pattern
65 Print the entries of the store one per line, optionally filtered by
66 .Ar pattern .
67 .It Cm gen Oo Fl nq Oc Oo Fl c Ar chars Oc Oo Fl l Ar length Oc Ar entry
68 Generate and persist a password for the given
69 .Ar entry
70 in the store.
71 .Fl c
72 can be used to control the characters allowed in the password
73 (by default
74 .Dq !-~
75 i.e. all the printable ASCII characters)
76 and
77 .Fl l
78 the length
79 .Pq 32 by default .
80 Unless the
81 .Fl q
82 flag is provided, print the generated password.
83 If the
84 .Fl n
85 flag is given the password won't be persisted and the
86 .Ar entry
87 argument is optional.
88 .It Cm mv Ar from Ar to
89 Rename a password entry, doesn't work with directories.
90 .Ar from
91 must exist and
92 .Ar to
93 mustn't.
94 .It Cm rm Ar entries ...
95 Remove the given
96 .Ar entries
97 from the store.
98 .It Cm tee Oo Fl q Oc Ar entry
99 Prompt for a password and persist it into the store under the given
100 .Ar entry
101 name and the print it again on the standard output unless the
102 .Fl q
103 option is given.
104 .El
105 .Sh ENVIRONMENT
106 .Bl -tag -width Ds
107 .It Ev PLASS_CHARS
108 default range of characters to use to generate passwords.
109 .It Ev PLASS_GOT
110 Path to the
111 .Xr got 1
112 executable.
113 .It Ev PLASS_GPG
114 Path to the
115 .Xr gpg 1
116 executable.
117 .It Ev PLASS_LENGTH
118 Default length for the generated passwords.
119 .It Ev PLASS_STORE
120 Path to the password store directory tree.
121 .El
122 .Sh FILES
123 .Bl -tag -width Ds
124 .It Pa ~/.password-store
125 Password store used by default.
126 .It Pa ~/.password-store/.gpg-id
127 File containing the GPG recipient used to encrypt the passwords.
128 .El
129 .Sh EXIT STATUS
130 .Ex
131 .Sh EXAMPLES
132 A got repository and password store can be initialized as follows:
133 .Bd -literal -offset indent
134 $ mkdir ~/.password-store
135 $ echo foo@example.com > ~/.password-store/.gpg-id
136 $ gotadmin init ~/git/pass.git
137 $ got import -r ~/git/pass.git -m 'initial import' ~/.password-store
138 $ got checkout -E ~/git/pass.git ~/.password-store
139 .Ed
140 .Pp
141 see
142 .Xr got 1
143 for more information.
144 .Pp
145 To migrate from
146 .Xr pass 1 ,
147 delete
148 .Pa ~/.password-store
149 and check out it again using
150 .Xr got 1 .
151 .Pp
152 To generate a temporary random password use
153 .Bd -literal -offset indent
154 $ plass gen -n
155 .Ed
156 .Pp
157 Display the entries matching
158 .Sq key
159 arranged comfortably for reading in a terminal window:
160 .Bd -literal -offset indent
161 $ plass find key | rs
162 .Ed
163 .Sh SEE ALSO
164 .Xr got 1 ,
165 .Xr gpg 1 ,
166 .Xr pass 1
167 .Sh HISTORY
168 .Nm
169 was heavily influenced by
170 .Xr pass 1
171 in the design, but it's a different implementation that prioritizes ease
172 of use and composability.
173 .Sh AUTHORS
174 .An -nosplit
175 The
176 .Nm
177 utility was written by
178 .An Omar Polo Aq Mt op@omarpolo.com .
179 .Sh CAVEATS
180 .Nm
181 .Cm find
182 output format isn't designed to handle files containing newlines.
183 Use
184 .Xr find 1
185 .Fl print0
186 or similar if it's a concern.
187 .Pp
188 .Nm
189 .Cm mv
190 is not able to move directory trees, only file entries.
191 .Pp
192 There isn't a
193 .Cm init
194 sub-command, the store initialization must be performed manually.