- https://github.com/FiloSottile/age
- https://github.com/FiloSottile/passage
- https://github.com/remko/age-plugin-se
Assumes you use Homebrew and git
# install age
brew install age
# install age plugin for use with apple secure enclave
brew tap remko/age-plugin-se https://github.com/remko/age-plugin-se
brew install age-plugin-se
# install passage password manager
PASSAGE_REPO="github.com/FiloSottile/passage"
git clone https://${PASSAGE_REPO}.git ~/src/${PASSAGE_REPO}
cd ~/src/${PASSAGE_REPO}
make install PREFIX="$(brew --cellar)/passage/$(git describe --tags)"
make install-common PREFIX="$(brew --prefix)"
brew link passage
autoload -U compinit; compinit
cd ~
# create directories
mkdir -p ~/.passage/store
# generate identity linked to apple secure enclave
KEY=$(age-plugin-se keygen --access-control=any-biometry)
# setup identity for passage
echo "$KEY" >> ~/.passage/identities
# add recipients for passage
echo "$KEY" | age-plugin-se recipients >> ~/.passage/store/.age-recipients
# optionally add alias
alias pass="passage"
note password-store plugins may not always be compatible with passage