  2. 7

    As a pass user my immediate question was how does this differ from it? The FAQ says:

    How does this differ from pass or etc?

    I was looking for a CLI password manager (written in shell) and wasn’t happy with the options I had found. They either had multiple instances of eval (on user inputted data), lots of unsafe shell (nowhere near being shellcheck compliant.) or they were overly complex. The opposites for what I’d want in a password manager.

    I decided to write my own. pash is written in POSIX sh and the codebase is minimal (100~ lines).

    1. 2

      On the other hand, it’s not packaged in apt, so if there’s a vulnerability discovered, you’re on your own to manually update it.

      1. 1

        This made me realize that I never use the actual pass CLI - I either use the Android app, qtPass (on Windows) or vim.

        1. 1

          What do you use pass in vim for? Also, is it this plugin? https://github.com/tsuyoshicho/vim-pass

          1. 3

            I just use the GPG plugin: https://github.com/jamessan/vim-gnupg

      2. 4

        Awesome project. I wanted to suggest using /dev/random instead of /dev/urandom, but apparently it doesn’t matter.

        1. 2

          I’ve written something similar for my personal use – pw.

          1. 1

            I know that this might not be too polished because it’s for personal use, but why the mixed use of printf and echo? You can also use herestrings (<<<string) to redirect a string to a command’s stdin in Bash. Also, you might want to print error messages from die to stderr (>&2).

            1. 1

              Ah yes, thanks for pointing out those inconsistencies. I’ll fix it.

          2. 1

            I’ve written something similar, but in Tcl and instead of GPG using smartcards/yubikey called hunter2.

            1. 1

              Why gpg? I find using public-key crypto for a password manager to be a weird choice. Specifically, gpg which has a terrible UX.

              It’s actually the reason I stopped using pass because at some point I could configure my gpg to either sign commits, or work with pass, but not both. Since life is short and I don’t want to infinitely debug crap like GPG I just ended up storing everything in a Vim-encrypted file 🤷

              1. 1

                The nice thing about pash is that it is so simple that it is easy to modify, and more importantly, it can read the pass password store – You simply have to set the right path.

                By the way, does anyone seriously use the list command? It prints a tree, which is totally hostile to grep. Here is my fork that changes it to simply list things instead (and moves the original list to tree) which makes it easy to search using grep.

                1. 2

                  Your fork shows the tree output above the fold in the readme.

                  1. 1

                    Are you dylanaraps? If so thank you for adding it! (Btw: Why did you choose to use find instead of shell globs?)

                    1. 1

                      I am not, as others have said.

                      1. 1

                        No, he isn’t. I haven’t used this program yet, but POSIX shell globs can’t match things recursively.

                        1. 1

                          Oh OK, good to know. At the time I forked, he was still using globs, so was simply using the same style.

                          1. 1

                            Yes, that was before he rewrote it in POSIX sh (from Bash). ** is globstar, which is Bash-specific.
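
The find-versus-globs point discussed above, as an added example that is not part of any comment and is not pash's or the fork's code: a flat, grep-friendly listing of a pass-style store in POSIX sh. The function names (`err`, `list_entries`, `make_sample_store`, `demo`) are hypothetical, and it assumes entries are `*.gpg` files as in pass's store layout.

```shell
#!/bin/sh
# Added example, not pash's own code: flat listing of a pass-style store.

err() { printf 'error: %s\n' "$1" >&2; }   # diagnostics go to stderr, not stdout

# list_entries DIR: one entry per line, relative to DIR, ".gpg" stripped.
# Assumption: entries are *.gpg files, as in pass's store layout.
list_entries() {
    store=$1
    [ -d "$store" ] || { err "not a directory: $store"; return 1; }
    (   # subshell: the cd does not leak into the caller
        CDPATH= cd -- "$store" || exit 1
        # find recurses to any depth; a POSIX glob such as */*.gpg matches one
        # fixed depth only, and ** is Bash's globstar. .git is pruned.
        find . -name .git -prune -o -type f -name '*.gpg' -print |
            LC_ALL=C sort |
            while IFS= read -r entry; do
                entry=${entry#./}
                # printf, not echo: echo may interpret backslashes or options.
                printf '%s\n' "${entry%.gpg}"
            done
    )
}

# Constructed sample store; the files are empty placeholders, not ciphertext.
make_sample_store() {
    dir=$(mktemp -d) || return 1
    mkdir -p "$dir/web/forums" "$dir/mail" "$dir/.git"
    : > "$dir/web/forums/lobsters.gpg"
    : > "$dir/web/bank.gpg"
    : > "$dir/mail/work account.gpg"
    : > "$dir/.git/stale.gpg"    # must not be listed (pruned)
    : > "$dir/.gpg-id"           # must not be listed (name does not end in .gpg)
    printf '%s\n' "$dir"
}

demo() {
    sample=$(make_sample_store) || return 1
    list_entries "$sample"
    rm -rf "$sample"
}
demo
```

Entry names containing newlines would be split across lines by this listing; every other character, including spaces, passes through unchanged.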