The software "pwman" is a tiny password manager for Linux (64bit) in terminal-mode. The passwords are AES128 encrypted on your harddrive. The Password Database is portable and backups can be made very easy by copying tow files located in your home folder.
The key "~/.key.pwds" and the password "~/.pwds" will be stored in the homefolder of the User. AES128 with a 32bit key are of course not very secure. This feature is primarily used as an additional security level to protect data from the eyes of third parties. I assume that the Linux partitions are already encrypted. Generally the two files are portable. However, the files must always be copied to the home directory.
Please keep in mind, that even AES128 is not the best encryption, for the most of you it is not possible to decrypt the Database when the key gets lost or damaged!
This Page always shows features of the current release of pwman. If you cannot use a feature you should update yours to the latest.
The sourcecode is available on my public gitserver.
The programm is distributed under the GNU General Public License Version 3.
You can install the binary with the commandline
$ wget https://dockerr.me/downloads/pwman-linux64/pwman-0.5.0.zip
$ unzip pwman-0.5.0.zip
sha256sum ./pwman
ca5fd3f6d5092ed4add697b4b6f70eda2b62828a9c9a9916054a59b85e07a0f6 pwman
$ cp pwman /bin
You should check the hash before you move pwman to the binaries. They should match the hash shown above. The binary for pwman can also be found here.
At the first lauch you will be asked if you want to create a new key. This happens when pwman can't find a key in your home folder.
$ pwman
Generate new Key (y/n)
Right after the Keyfile is created you can start pwman and use it.
$ pwman
GNU pwman
Options: (s)earch, (a)dd, (r)emove, sa(v)e changes, or (q)uit
To add a Password, just press "a" and "enter". The pwman will ask you for some credentials.
Add new Entry
Destination (URL, Service, Programm):
https://google.com
Username (could be empty):
foo.bar@gmail.com
Password:
S0m3FancyPa55word
Entry:
ID: 2,
Login: foo.bar@gmail.com
Password: S0m3FancyPa55word
Destination: https://google.com
Add to DB (y/n)
The pwman will show you the created entry and you can decide if the credentials are correct or if you want to abort the process. After all you can search for an entry by username or Service. The result can be no or many entries.
$ pwman
GNU pwman
Options: (s)earch, (a)dd, (r)emove, sa(v)e changes, or (q)uit
Enter Query:
foo
Entry:
ID: 0,
Login: foo
Password: 1234
Destination: test1
Entry:
ID: 1,
Login: foo
Password: 3456
Destination: test2
Options: (s)earch, (a)dd, (r)emove, sa(v)e changes, or (q)uit
The ID of the record is needed to delete the record. The database is not written back directly to the hard disk when changes are made, but as a copy in the working memory. To save changes, they must be saved in the ~/.pwds file. Use the v Option when the Programm prompts in the main menu.
$ pwman
GNU pwman
Options: (s)earch, (a)dd, (r)emove, sa(v)e changes, or (q)uit
If data has been changed or deleted, the program will ask if you want to save the data before exiting. Data that is not saved will be lost after the program is terminated.
The program has since version 0.3.0 arguments that can be attached to the program. As soon as an argument is attached, the program terminates after the corresponding output.
pwman 0.4.0
A tiny encrypted CLI Password manager
USAGE:
pwman [FLAGS] [OPTIONS]
FLAGS:
-e, --export return a CLI search as csv with semicolon. If enabled without --query it exports the whole DB.
-h, --help Prints help information
-I, --import Import Firefox Password CSV files. usage: pwman --I < examples/data/firefox_export.csv
-o, --overwrite Overwrites existing entries of the Database when --import is set.
-s, --show Shows the Password. If not set, the Password is hidden.
--updatekey Generate a new keyfile and updates the whole DB to the new key
-V, --version Prints version information
OPTIONS:
-i, --dbid Returns a db entry by ID
-q, --query Perform a CLI search for a service or login
By default, no passwords are displayed. To show passwords the flag "-s" or "--show" must be added.
$ pwman --dbid 1
Entry:
ID: 1,
Login: foo
Password: ****
Destination: test2
$ pwman --dbid 1 -s
Entry:
ID: 1,
Login: foo
Password: fancyPa55word
Destination: test2
With the flag "-e", respectively "--export" the output can be done as semicolon separated representation. However, the flag "-s" must also be set here so that the passwords are displayed.
$ pwman --dbid 1 -e
1;test2;foo;****
$ pwman --dbid 1 -es
1;test2;foo;fancyPa55word
If no search query is made, the "-e" flag can be used to export all data. Also here the "-s" flag is used to protect the passwords.
$ pwman -es
0;test1;foo;&&%fg77989
1;test2;foo;fancyPa55word
$ pwman -e
0;test1;foo;****
1;test2;foo;****
With "--query" you can search in data using text. Also here the flags "-s" and "-e" can be used to customize the output.
$ pwman --query foo
Entry:
ID: 0,
Login: foo
Password: ****
Destination: test1
Entry:
ID: 1,
Login: foo
Password: ****
Destination: test2
$ pwman --query foo -es
0;test1;foo;&&%fg77989
1;test2;foo;fancyPa55word
With "--import" you can import password lists that are exported by Firefox. In general existing URL/Username Entries will be not overwriten. To overwrite existing Entries you have to set "-o" for overwrite. At last you can use every CSV File as long as there have the fields url, username and password and it has semicolon as delimiter.
$ pwman -I < home/username/Documents/firefox_export.csv
Import of 16 entries in Memory
$ pwman -Io < home/username/Documents/firefox_export.csv
Import of 67 entries in Memory
If the key is compromised or an update was made from a version older than version 0.5.0, the key should be renewed. The program will point out with an old key.
With "--updatekey" the key will be updated from 16byte to 176byte. The current Database will be updated. You should create copies of .key.pwds and .pwds located in you home-folder before starting the command.
Version 0.5.0 - 06/01/2023
-------------
* minor fixes
* security update (read https://dockerr.me/blog/06-01-2023.htm)
Version 0.4.0 - 04/01/2023
-------------
* minor fixes
* refactoring work on codebase
* import of Firefox passwords
* decrease memory usage
Version 0.3.0 - 27/12/2022
-------------
* minor fixes
* add arguments support
Version 0.2.0 - 26/12/2022
-------------
* fix panic when key is created
* add iterative presentation if search by query returns more than one result
Version 0.1.0 - 14/12/2022
-------------
* initial release
| Version | Size | zip | tar |
|---|---|---|---|
| pwman 0.5.0 | ~ 4.7mb | zip | tar |
| pwman 0.4.0 | ~ 4.7mb | zip | tar |
| pwman 0.3.0 | ~ 4.3mb | zip | tar |
| pwman 0.2.0 | ~ 4.0mb | zip | - |
| pwman 0.1.0 | ~ 4.0mb | zip | - |