Text-Based Password Manager for Linux: Linux Pass

Linux servers typically aren’t equipped with graphical user interfaces. A command line interface is more efficient.

However, in the absence of graphical user interfaces, how do you manage passwords?

Given that this is Linux, solutions always exist. In this scenario, the remedy is pass, a command-line password manager that stores all credentials in a PGP-encrypted text file, ~/.password-store.

The pass command enables you to add, edit, generate, and retrieve stored passwords, along with temporarily copying a password to the clipboard and tracking password changes using Git.

Indeed, pass is practical and a tool you’ll want readily available.

I’ll guide you through the installation and utilization of the pass command-line password manager.

Essential Requirements

I’ll be demonstrating this on Ubuntu Server 22.04, but pass is also compatible with Fedora-based distributions. The sole distinction lies in the installation command (which I’ll elaborate on later). Additionally, you will need a user with sudo privileges for installation, and a PGP key generated and stored on the machine (instructions for this will be provided).

It’s worth noting that pass can also be installed on MacOS via Homebrew.

That’s all there is to it. Let’s proceed with installing pass.

Deploying Pass

The first step involves the installation of pass. Log in to your Ubuntu server and execute the following command:

For users of Fedora-based systems, the command would be:

Creating Your PGP Key

Subsequently, a PGP key must be generated for use with pass. To accomplish this, return to the terminal and execute the following command:

Answer the prompted queries to finalize the process. One question will require you to input an email address for key association, which will be necessary during the pass setup.

Initialization of Pass

Now that you have your PGP key ready, it’s time to initialize pass using the command:

Replace EMAIL with your associated email address for the PGP key. This will establish a new password store and configure it for the designated email address.

Utilizing Pass

With all prerequisites in place, it’s time to create your initial entry in the pass password store. Say you wish to add a password for Facebook. This will involve creating an entry for Facebook and a folder categorizing Social networking sites. The command for this scenario would be:

You’ll be prompted to define a password for the Facebook entry. If you wish to associate a username with the account, you can execute a command like this:

Where USERNAME represents the username for the Facebook account in question.

To view the password for a specific account, issue the following command:

To successfully view the password, you’ll need to enter the passphrase associated with the GPG key utilized to set up the password store.

Suppose you also desire to add an entry for Twitter (known as X) and wish for it to be stored in the SOCIAL category. In that case, the command would be:

Where USERNAME signifies the Twitter/X username.

To display the layout of your password store, use the command:

The results will resemble the following structure:

Moreover, pass can be utilized to generate random passwords, which can then be utilized to create new entries. For example, if you’re setting up a new user account for Twitter/X and wish to generate a 12-character random password to store in the password store, you can execute the following command:

Upon executing the pass command, you’ll observe that the new entry has been established. Once again, you can view this generated password using the command: