/bashpass

Password management for the terminal and X.

Primary LanguageShellISC LicenseISC

bashpass

password generator, storage and reference for the terminal and/or X.

1 Use Case

  1. I can create passwords
  2. / / recall passwords
  3. / / update passwords
  4. / / delete accounts
  5. / / import a csv file
  6. / / export a csv file

1.1 Using terminal

1.2 Using dialog, cdialog

1.3 Using Xdialog

1.4 Using zenity

1.5 Using yad

2 Files

  1. bashpass

    main script

  2. srcs

    Accompanied functions.

    Namely general, backend and ?UI specific

  3. examples

    Create DB script and import example files.

  4. test.bats

    Bats tests file.

    Needs bats installed to run.

  5. readme.org

    This file

  6. license

    A License

3 Dependencies

  1. GNU/BSD based distro
  2. BASH v4

    A recent Bash installation with a major version no less than 4.

  3. SQLite v3

    SQLite3 installed and sqlite3 available in ${PATH}.

  4. GNU Privacy Guard

    You need gnupg installed, gpg2 or gpg executable readily available in ${PATH}.

  5. Optionally…
    1. yad,zenity,Xdialog for an X client.
    2. cdialog,dialog for a tty TUI.
    3. finally, xclip for some middle click password pasting functionality.

4 Usage

4.1 Disclaimer - Use at your own risk.

  • This author makes no claims, guarantees or promises of any kind.
  • This project is nothing more than a UI/CRUD/SQL/PGP playground.
  • Not tested for production use at any load or capacity.
  • This script assumes you can secure the safety of your computer hardware/software at least for the duration of its operations.
  • There is no backwards compatibility maintanance plan between batabases of different versions of this script.

    So if you thinking of a git pull/fetch, make sure to hit that csv export menu option first.

If you don’t already have one, make a gpg2 keyring.

4.3 Basic usage:

bashpass [default.gpg] [yad|zenity|Xdialog|cdialog|dialog|terminal] [--debug] [--help]

4.4 Optional command line arguments

  • You can provide a gpg2 encrypted SQLite3 database create script for use with bashpass.

    (It is the same file that SQLite3 will output when given the .dump command).

    That script needs to be encrypted to your personal keyring, have a .gpg extension and reside in dbs folder.

    If no such option is given the script will use default.gpg.

    If no such file is available (eg: first time use, new db request) it’ll be created.

    You can only have one instance of each *.gpg file open at any given time for obvious reasons.

    This is internally enforced by MUTEX implementation.

  • If you’d like to test other UI options try: bashpass [yad|zenity|Xdialog|cdialog|dialog], needless to say they have to be installed.

    If not, bashpass will default to the highest available option in that order.

  • The debug option will set -vx to bashpass, enabling it to echo commands in the terminal.

    To say the least: It’s noisy!

  • Help will print Usage and exit.

5 Notes

  1. Consider launching bashpass with launch from terminal option enabled

    (where available, eg in dmenu: xterm -hold -e /path/to/bashpass [default.gpg])

    as it will not run otherwise.

    For SQLite session availability (highly insecure), gnupg input and debugging purposes.

  2. Passwords generated by bashpass are 16 character long [:graph:] type

    random strings from /dev/urandom, with some exceptions: \ `$|,'",

    namely: backslash, backtick, pound, colon, comma, quotes(both).

6 TO-DOS [5/8] [62%]

6.1 ✔ Encryption

Add pgp encryption

6.2 ✔ Clipboard

Depending on xclip availability on Xdialog mode and upon single record

Create, Retrieve and Update operations selected password will be copied to

XA_PRIMARY xclip target (pasteable with middle mouse button),

with it’s trailing newline (‘\n’) removed.

6.3 ✔ Modular UI [3/3] [100%]

Depending on the environment.

6.3.1 ✔ GUI

Based on availability

6.3.2 ✔ GUI/TUI

Based on X

6.3.3 ✔ zenity/yad support

Done.

6.4 ✔ NULL values

Central null value handling for various ?UIs list building consistency.

Moved to ${be} insert function.

6.5 ✔ In memory only SQLite3 db

For security reasons

Done!

6.6 pass mode

Add a menu option for pass (password-store) compatibility mode

6.7 l10n support

Source a l10n.src file that will feed translated strings according to ${LANG} settings.

6.8 Selectable back ends

Like: csv, xml, json etc…

This repo may help: structured-text-tools

7 Updates

7.1 <2019-11-27 Wed>

Depending on xclip availability and on single record operations,

you’ll be able to paste affected passwords via middle-click.

7.2 <2021-09-06 Mon>

setup script went BB and got replaced with func_setup,

for less repeated code and a more compact design.

7.3 <2021-09-06 Mon>

Changes to gpg2 encryption options.

You can launch bashpass like so:

BP_KEY=”my@email.net” ./bashpass mygpgfile.gpg # or

BP_EML=”my@email.net” ./bashpass mygpgfile.gpg

Alternatively use an RC file to store email details,

see .bashpass.rc.example and don’t forget to rename it to use it:

echo "BP_KEY=\"my@email.net\"" > .bashpass.rc $BP_KEY will encrypt to your personal keyring, or

echo "BP_EML=\"my@email.net\"" > .bashpass.rc $BP_EML will encrypt with a conventional symmetric algorithm.

On RC file and envar absence this script will default

to symmetric encryption to a gpg key provided by you (via gpg2 prompt).

Another small detail that could lead to misconceptions:

RC file should be located in bashpass’s dirname folder (as all other relative files)

and not ${HOME} or ${XDG_CONFIG_HOME:-${HOME}/.config}.

So this time literally, It’s not a bug… It’s a feature!

7.4 <2021-09-08 Wed>

From now on the update function will be able to modify all available account fields, not only passwords.

7.5 <2021-09-09 Thu>

Basic data input validation for all account fields has been implemented (see Notes #3, No \ `$|,'" chars.)

7.6 <2021-09-10 Fri>

Persistant edits have been implemented.

On create/update functions on charachter validity/password mismatch errors

the user will be returned to create/update forms to trouble-shoot accordingly with his edits preserved.

The default option thus far was to repeat the proccess from scratch.

7.7 <2021-09-12 Sun>

Zenity:

No way to set default values on zenity forms,

so with that in mind, an editable list was the best way to go.

7.8 <2021-10-02 Sat>

For security reasons SQLite3 will work in :memory: mode only.

7.9 <2021-10-05 Tue>

Basic file checks for csv import/export functions impemented.

8 Contributing http://unmaintained.tech/badge.svg

Typos, syntactic and grammar welcome, other than that all PR’s will be reviewed.

In the rare case that you really must contribute, feel free

to buy me some coffee in or ₿ (bitcoin:19TznUEx2QZF6hQxL64bf3x15VWNy8Xitm).