/rucksack

A terminal-based secrets manager, generator, and importer/exporter (Firefox, Chrome) backed with a concurrent hashmap

Primary LanguageRustApache License 2.0Apache-2.0

rucksack

A terminal-based secrets manager, generator, and importer/exporter (Firefox, Chrome) backed with a concurrent hashmap

Features

  • Password generator (0.1.0)
  • Encrypted local storage (0.2.0)
  • Concurrent hashmap for use by daemons (0.2.0)
  • List secrets, both encrypted and decrypted (0.3.0)
  • Supports Firefox and Chrome CSV formats (importing, 0.3.0; exporting, 0.5.0)
  • Searching secrets via filtering (0.4.0)
  • Reports on password quality, duplicates, etc. (0.5.0)
  • Add new records to the DB (and support updates) via CLI subcommands (0.6.0)
  • Archived deletes (0.7.0)
  • Tags and categories (0.7.0)
  • Support public/private keys, certificates, API keys (0.7.0)
  • Split repo into rucksack-lib, rucksack-db, and rucksack crates (0.8.0)
  • Colourised and fully tabular output (0.8.0)
  • Password history (0.8.0)
  • Database backups, restores, and support for multiple backends (0.9.0)
  • Alternate storage backend implementations
  • Local network sync
  • 1Password, JSON, import/export improvements, etc.

Quick Examples

Generating a new password:

$ ./bin/rucksack gen

New password: AF47D285-a757%4576-ace0-538995D9@9=E
Password score: 100.00

See ./bin/rucksack help gen for more options.

Importing logins from a browser:

./bin/rucksack import --format firefox --file ~/Downloads/firefox-export.csv

List all passwords with a "strength" score of 20 or lower:

$ ./bin/rucksack list --max-score 20

+--------------------+----------+----------+--------------+--------------------------------+
| Name               | Type     | Category | Access Count | URL                            |
+--------------------+----------+----------+--------------+--------------------------------+
| carol              | Password | default  |            0 | http://example.com             |
| carol              | Password | default  |            7 | http://example.com             |
| admin              | Password | default  |            7 | http://localhost:3000          |
| admin              | Password | default  |            0 | http://localhost:3000          |
| admin              | Password | default  |            7 | http://localhost:3030          |
| admin              | Password | default  |            0 | http://localhost:3030          |
| admin              | Password | default  |            0 | http://localhost:3030          |
| foo                | Password | default  |            7 | http://localhost:8000          |
| foo                | Password | default  |            0 | http://localhost:8000          |
| foo                | Password | default  |            0 | http://localhost:8000          |
| shelly3            | Password | default  |            0 | https://bleep.bloop            |
| shelly3            | Password | default  |            7 | https://bleep.bloop            |
+--------------------+----------+----------+--------------+--------------------------------+

Documentation

Primary project documentation is here:

A quick peek at the top-level help from the terminal:

rucksack: A terminal-based secrets manager, generator, and importer/exporter (Firefox, Chrome) backed with a concurrent hashmap

Usage: rucksack [OPTIONS] [COMMAND]

Commands:
  add      Add a new secret
  backup   Operations related to the a single backup of the secrets DB; used with no subcommand, perform a backup
  backups  Operations related to multiple backups of the secrets DB
  config   Operations related to rucksack configuration
  delete   Delete a single record [aliases: rm, remove]
  export   Export the rucksack db
  gen      Generate a secret
  import   Pull in secrets from other sources
  list     List all secrets
  set      Perform various 'write' operations
  show     Display rucksack-specific information
  start    Run rucksack as a daemon, enabling local network syncing services
  help     Print this message or the help of the given subcommand(s)

Options:
      --config-file <config-file>  The path to the config file to use or create [default: "<user config dir>/rucksack/config.toml"]
      --log-level <log-level>      Override the configured log-level setting [default: ] [possible values: error, warn, info, debug, trace, ]
      --completions <SHELL>        Emit shell tab completions [possible values: bash, elvish, fish, powershell, zsh]
  -v, --version                    Print version information
  -h, --help                       Print help

Related

Other projects on crates.io tagged as #password-manager ...

Projects of particular interest:

  • kbs2 - A secret manager backed by age
  • RustCrypto - A Github org collecting a handful of pure-Rust encryption libraries
  • Firefox Sync

License

Copyright © 2022-2023, Oxur Group

Apache License, Version 2.0