This post was first published at Opensource.com and appears here via a CC-BY-SA 4.0 license.
We all want our passwords to be safe and secure. To do that, many people turn to password management applications like KeePassXC or Bitwarden.
If you spend a lot of time in a terminal window and are looking for a simpler solution, you’ll want to check out one of the many password managers for the Linux command line. They’re quick, easy to use, and secure.
Let’s take a look at three of them.
Titan is a password manager that doubles as a file-encryption tool. I’m not sure how well Titan works at encrypting files; I only looked at it as a password manager. In that capacity, it does a solid job.
Titan stores your passwords in an encrypted SQLite database, which you create and add a master passphrase to when you first fire up the application. Tell Titan to add a password and it asks for a name to identify it, a username, the password itself, a URL, and a comment about the password.
You can get Titan to generate a password for you, and you can search your database by an entry’s name or numeric ID, by the name or comment, or using regular expressions. Viewing a specific password, however, can be a bit clunky. You either have to list all passwords and scroll through them to find the one you want to use, or you can view the password by listing the details of an entry using its numeric ID (if you know it).
Gopass is billed as the team password manager. Don’t let that put you off. It’s also great for personal use.
Gopass is an update of the venerable Unix and Linux Pass password manager written in the Go programming language. In true Linux fashion, you can either compile the source code or use an installer to get gopass on your computer.
Before you start using gopass, make sure you have GNU Privacy Guard (GPG) and Git on your system. The former encrypts and decrypts your password store, and the latter signs commits to a Git repository. If gopass is for personal use, you still need Git. You just don’t need to worry about signing commits. If you’re interested, you can learn about those dependencies in the documentation.
When you first start gopass, you need to create a password store and generate a secret key to secure that store. When you want to add a password (which gopass refers to as a secret), gopass asks you for information such as a URL, a username, and a note about the secret. You can have gopass generate the password for the secret you’re adding, or you can enter one yourself.
As you need to, you can edit, view, or delete passwords. You can also view a specific password or copy it to your clipboard to paste it into a login form or window.
The open source password manager of choice for many people is either KeePass or KeePassXC. Kpcli brings the features of KeePass and KeePassX to your nearest terminal window.
Kpcli is a keyboard-driven shell that does most of what its graphical cousins can do. That includes opening a password database; adding and editing passwords and groups (which help you organize your passwords); or even renaming or deleting passwords and groups.
When you need to, you can copy a user name and password to your clipboard to paste into a login form. To keep that information safe, kpcli also has a command to clear the clipboard. Not bad for a little terminal app.