https://golang.org/doc/install#install
ℹ️ If you are using Linux, remember to add paths in your environment.
In this step, we'll set some paths in your environment. Edit ~/.profile
and add at the end these lines:
export GOPATH=$HOME/work
export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin
https://github.com/gopasspw/gopass/blob/master/docs/setup.md#download-and-install-dependencies
https://github.com/gopasspw/gopass/blob/master/docs/setup.md#installing-from-source
To generate GPG key pair flow up gopass documentation.
ℹ️ Remember to send GPG public key and SSH public key (or GitHub username) to password store administrators
-
To generate GPG public key run command
gpg --export --armour user@example.com
Where
user@example.com
is an email address provided during GPG creation. -
SSH public key by default is stored at
~/.ssh/id_rsa.pub
but it can be also generated from the private key using a commandssh-keygen -y -f ~/.ssh/id_rsa
Where
~/.ssh/id_rsa
is path to SSH private key. -
Add gopass to .bashrc
source <(gopass completion bash)
gopass init
ℹ️ Note: You have to have pull and push access to the repository.
gopass clone --sync gitcli git@github.com:codilime/juniper-ci-passwords.git store-name
Where store-name
is a local name for this password store.
To check available passwords for this store run command:
gopass store-name
By default, gopass shows passwords but it can copy it to the clipboard instead. To enable it run:
gopass config safecontent true
gopass config safecontent --store store-name true
A web extension for Firefox and Chrome to insert login credentials from gopass.
https://github.com/gopasspw/gopassbridge
Just pick preferred browser and install an extension from a dedicated shop.
https://github.com/gopasspw/gopassbridge#install-browser-extension
In most cases, it is enough to run gopass jsonapi configure and follow the tutorial.
gopass jsonapi configure
https://github.com/gopasspw/gopassbridge#connect-to-gopass
A graphical user interface to search and manage gopass secrets.
https://github.com/codecentric/gopass-ui
Download and install latest release.
A small tutorial for CLI
List all existing secrets in storage or path.
gopass storage-name
# or
gopass list storage-name
Synchronize all local stores with remote.
gopass sync
This command will show the intended password. If the full path to the secret is not provided, gopass will grep for the most reasonable answer.
gopass show storage-name/path/secret-name
Add the secret to the storage.
gopass insert storage-name/path/secret-name
By adding -m
to insert it will turn on default editor on your system to provide multiline secrets. It is the best way to keep SSH private keys.
gopass insert -m storage-name/secret-name
Edit an existing secret.
gopass edit storage-name/secret-name
Remove existing secret.
gopass rm -r storage-name/path/secret-name
Copying secret from one path to another. The path can be in the same or different storage.
gopass cp storage-name1/secret-name storage-name2/secret-name
Gopass provides a secure way to store binary files. For more details go to gopass documentation.
Generate a new password of the specified length. Optionally put it on the clipboard and clear clipboard after 45 seconds. If secret already exists gopass will prompt before overwriting existing password (unless forced). Note that it will replace only the first line of an existing secret with a new one.
gopass generate
# or
gopass generate storage-name/secret-name
List recipients for all stores.
gopass recipients
Add recipient to one store. Gopass will prompt to choose GPG key and store.
gopass recipients add
Remove recipient from store.
gopass recipients remove
Turn on auto synchronization with a git repository.
gopass config autosync true
This option will force copying secrets to clipboard over showing them in the terminal.
ℹ️ It will also affect gopass-ui.
gopass config safecontent --store storge-name true
Sometimes during sync gopass is throwing an exception Failed to get public key for 0123456789ABCDEF0123456789ABCDEF01234567: exit status 2
. It means that new key was added to the repository and it needs to be imported to local Keyring. Gopass should do that automatically. To check that everything went right you can list recipients or sync again.