logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

gopass - stores, retrieves, generates, and synchronizes passwords securely

Contents

Author

gopass was written by Alexandre Viau.  For updates and more information, a project page is  available  on
       the World Wide Web.

       pass was written by Jason A. Donenfeld.  For updates and more information, a project page is available on
       the World Wide Web.

Commands

init [ --path=path, -ppath ] gpg-id...
              Initialize new password storage and use gpg-id for encryption.  Multiple gpg-ids may be specified,
              in  order  to  encrypt  each  password with multiple ids.  This command must be run first before a
              password store can be used.  If the specified gpg-id  is  different  from  the  key  used  in  any
              existing  files, these files will be reencrypted to use the new id.  Note that use of gpg-agent(1)
              is recommended so that the batch decryption does not require as much user intervention.

       lssubfolder
              List names of passwords inside the tree at subfolder by using the tree(1) program. This command is
              alternatively named list.

       grepsearch-string
              Searches inside each decrypted password file  for  search-string,  and  displays  line  containing
              matched string along with filename.

       findpass-names...
              List  names  of passwords inside the tree that match pass-names by using the tree(1) program. This
              command is alternatively named search.

       show [ --clip, -c ] [ --two-factor, -2fa ] [ --username, -u ] pass-name
              Decrypt and print a password named pass-name.  If --username or -u is specified, do not print  the
              password but instead attempt to find the username.  If --clip or -c is specified, do not print the
              password but instead copy the first line to the clipboard using xclip(1).  If --two-factor or -2fa
              is  specified,  attempt  to  generate  a  TOTP code for the given password. This requires that the
              password contain either a full otpauth:// URI or a TOTP secret prefixed by '2fa:'.

       insert [ --multiline, -m ] [ --force, -f ] pass-name
              Insert a new password into the password store called pass-name. This will read  the  new  password
              from  standard in. If --multiline or -m is specified, an editor will be opened for you to type the
              password. Otherwise, only a single line from standard in is read.  Prompt  before  overwriting  an
              existing password, unless --force or -f is specified. This command is alternatively named add.

       editpass-name
              Insert  a new password or edit an existing password using the default text editor specified by the
              environment variable EDITOR or using editor as a fallback. This mode makes use of temporary  files
              for editing.

       generate [ --no-symbols, -n ] [ --force, -f ] pass-namepass-length
              Generate a new password of length pass-length and insert into pass-name.  If --no-symbols or -n is
              specified,  do  not  use  any non-alphanumeric characters in the generated password. Prompt before
              overwriting an existing password, unless --force or -f is specified.

       rm [ --recursive, -r ] [ --force, -f ] pass-name
              Remove the password named pass-name from the password store. This command is  alternatively  named
              remove  or  delete.  If  --recursive  or  -r is specified, delete pass-name recursively if it is a
              directory. If --force or -f is specified, do not interactively prompt before removal.

       mv [ --force, -f ] old-pathnew-path
              Renames the password or directory named old-path to new-path. This command is alternatively  named
              rename.  If  --force is specified, silently overwrite new-path if it exists. If new-path ends in a
              trailing /, it is always treated as a directory.

       cp [ --force, -f ] old-pathnew-path
              Copies the password or directory named old-path to new-path. This command is  alternatively  named
              copy.  If  --force  is  specified, silently overwrite new-path if it exists. If new-path ends in a
              trailing /, it is always treated as a directory.

       gitgit-command-args...
              If the password store is a git repository, pass git-command-args as arguments to git(1) using  the
              password store as the git repository. If git-command-args is init, in addition to initializing the
              git  repository,  add  the  current contents of the password store to the repository in an initial
              commit.

       help   Show usage message.

       version
              Show version information.

Copying

       This  program  is  free  software;  you  can  redistribute it and/or modify it under the terms of the GNU
       General Public License as published by the Free Software Foundation; either version 3 of the License,  or
       (at your option) any later version.

       This  program  is  distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even
       the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General  Public
       License for more details.

       You  should have received a copy of the GNU General Public License along with this program; if not, write
       to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

Alexandre Viau                                    2015 March 29                                        GOPASS(1)

Description

gopass  is  a  very  simple  password  store that keeps passwords inside gpg2(1) encrypted files inside a
       simple directory tree residing at ~/.password-store.  The gopass utility provides a  series  of  commands
       for  manipulating  the password store, allowing the user to add, remove, edit, synchronize, generate, and
       manipulate passwords.

       If no COMMAND is specified, COMMAND defaults to either show or ls, depending on the type of specifier  in
       ARGS. Otherwise COMMAND must be one of the valid commands listed below.

       Several of the commands below rely on or provide additional functionality if the password store directory
       is  also  a  git  repository.  If  the  password  store directory is a git repository, all password store
       modification commands will cause a corresponding git commit.  git(1).

       The init command must be run before other commands in order to initialize the  password  store  with  the
       correct gpg key id. Passwords are encrypting using the gpg key set with init.

       There is a corresponding bash completion script for use with tab completing password names in bash(1).

Environment Variables

PASSWORD_STORE_DIR
              Overrides the default password storage directory.

       EDITOR Text editor to use.

Files

~/.password-store
              The default password storage directory.

       ~/.password-store/.gpg-id
              Contains the default gpg key identification used for encryption and decryption.  Multiple gpg keys
              may be specified in this file, one per line.

Name

       gopass - stores, retrieves, generates, and synchronizes passwords securely

See Also

gpg2(1), git(1),

Synopsis

gopass [ COMMAND ] [ OPTIONS ]... [ ARGS ]...

See Also

Password
Password PNG Icons
Store
Store PNG Icons
Headphones Icomoon
Headphones Icomoon SVG Icons
Command
Command PNG Icons
Passes
Passes PNG Icons
Man Pages
Path Man Pages
MCP
Directory Mcp
Man Pages
named Man Pages
Man Pages
names Man Pages
← View User commands Category← Back to File management🙏  Credits & Acknowledgments