Pass - The Standard Unix Password Manager
Рет қаралды 65,018
5 жыл бұрынLooking for a small yet powerful password manager that has plugins for most web browsers and builtin dmenu support? Look no further! And this password manager adheres to the Unix Philosophy.
📰 REFERENCED:
www.passwordstore.org/
wiki.archlinux.org/index.php/...
💰 WANT TO SUPPORT THE CHANNEL?
Patreon: / distrotube
Paypal: www.paypal.com/cgi-bin/webscr...
👕 BUY SHIRTS AND MUGS:
Help support this channel by purchasing these fine t-shirts, hoodies and mugs.
teespring.com/stores/distrotube
🗨️ SOCIAL PLATFORMS:
Diaspora: diasp.org/people/792034802a05...
Mastodon: mastodon.technology/@distrotube
IRC: irc://freenode #distrotube
GOPHER: gopher://distro.tube
📁 MY CONFIGS:
GitLab: gitlab.com/dwt1
Your support is very much appreciated. Thanks, guys!
@mtothem1337 5 жыл бұрын
I were skeptical about you when i first saw your videos pop up. but i really enjoy your videos now. they are very informative and you really know what you are talking about.
@trapspringer9891 4 жыл бұрын
Yeah, same here. I do watch some other Linux content creators, but DT is really knowledgeable and really breaks it down for us newbs.
@thytom8534 5 жыл бұрын
I always feel like your microphone audio is a little de-synced from your video. Can't complain too much, your videos are already at such a great standard. Keep up the good work!
@artaway6647 5 жыл бұрын
Yeah, feels like the audio is delayed a few miliseconds or something
@devon660 5 жыл бұрын
For generating a strong memorable master password diceware is a nice technique. And the whole point of using a password manager is to let it generate random passwords for you. So use `pass generate` instead of `pass insert`.
@Mike-0 5 жыл бұрын
This has a lot of sense. Thanks.
@AbduleeFtw 4 жыл бұрын
exactly i really feel like he didn't cover enough for pass
@errorsofmodernism9715 2 жыл бұрын
just use your dogs name as a password, no one will ever guess it
@andrewpalm2103 5 жыл бұрын
Thanks for another very useful tutorial, Derek. Love to see this stuff (whether I use it or not).
@evanlandreneau3569 5 жыл бұрын
Congratulations on 30k subscribers!!!
@MvanderWel 5 жыл бұрын
I've been using pass the last couple of months and it works well for me. I like the fact that you can store a lot of information other than just passwords per 'node' and it also has a nice optional gui in the form of qtpass that I use alongside the terminal app. The fact that you are fully in control and don't depend on third parties' cloud solutions also appeals to me!
@pcfreak1992 5 жыл бұрын
The best part is definitely the Unix aspect of it. I mean think about what secrets you can store in there and then pipe to other commands. Like SSH keys or TOTP secrets that are then fed to the respective tool that connects to a service or generates some token. 🤔
@arsen3783 5 жыл бұрын
why would you encrypt your ssh key with gpg? it already does that if you make it use a passphrase
@migue7490 5 жыл бұрын
I changed some passwords just today, I use the same pass to avoid forget them for many sites. I was thinking to use different ones but saving them in a text file (security level - 100). The timing of the video is scary XD. Awesome information.
@iLiokardo 5 жыл бұрын
A password manager that adheres to the Unix philosophy. Veeery interesting. I'm generally interested in terminal already. The ability to do any command at any time by just popping it up with a key bind. Exciting
@mitchelvalentino1569 5 жыл бұрын
Solid content from beginning to end, the reason why I love this channel. 👍 👍
@joshuajosephson7965 5 жыл бұрын
Calling it 'solid content' is like a reviewer referring to something as a 'great product'. We know it's fake.
@mitchelvalentino1569 5 жыл бұрын
Joshua Josephson Wrong. I meant every word sincerely.
@mitchelvalentino1569 5 жыл бұрын
Joshua Josephson do you mean my opinion is fake, or that the video’s content is fake? 😂 😂 it’s all real, bro!!
@joshuajosephson7965 5 жыл бұрын
@@mitchelvalentino1569 So did I. So what was your favorite part of the 'solid content'?
@mitchelvalentino1569 5 жыл бұрын
Joshua Josephson I didn’t have a favorite part. I liked the entire video. I like the overall presentation of information. The content is not too vague as to be useless, yet it’s detailed enough to be very useful. I am fond of traditional Unix tools and Unix philosophy, as well. I enjoyed the video from beginning to end and wanted to voice my support. Did you also enjoy the video?
@worldhello1234 4 жыл бұрын
That is the power of FOSS in action. I didn't know about PASS. :)
@nu8k700 4 жыл бұрын
Thanks a lot, it helps! I always looking for Linux stuff tutorials on your channel first!
@horatiopugwash9183 5 жыл бұрын
Crikey, I'd forgotten all about the *pass* utility! Now I'm tempted to give it a go and wean myself off the google psssword manager ☺
@felipemaia3458 5 жыл бұрын
What about a separate video on GPG?
@nikolaos9175 5 жыл бұрын
Thanks for showing us pass. I have been using keepassxc along with the browser extension, but this option looks pretty cool too. Edit: For users of rofi , there is an alternative to passmenu that you can use with rofi called rofi-pass.
@Captain_Rimmer 3 жыл бұрын
Awesome video, subscribed!
@DerekCordeiro 5 жыл бұрын
The good thing about pass is that it re-uses gnupg. If you've already setup gpg-agent, all your ssh keys can be stored in there too. Alternatively, keepassxc is pretty good including support for passwords, TOTPs and ssh-keys.
@jagardina 5 жыл бұрын
I like keepassxc because it is available on mobile devices and every other platform that I use. I keep the database in the cloud so they are all synched. I do not keep the key file in the cloud, that is only copied locally via usb thumbdrive.
@DarkH3lmet 5 жыл бұрын
I use pass for quite a while now. I've combined it with Tor and Git. I use a RaspberryPi with SSH available over an Onion Service. Limit the accessibility with HiddenServiceAuthorizeClient on the Server. Then you are able to use the "torify"-command to push and pull your passwords over Tor.
@ChonkyWantsACat 5 жыл бұрын
Can you make a video?😁😅
@ryuusel 5 жыл бұрын
You don't have to gpg -d the password, if you do pass the pinentry program will prompt you for your password at that point
@craigw4644 4 жыл бұрын
Tried them all, Bitwarden by far the best.
@cme123tr 3 жыл бұрын
Also, I have a windows and a linux PC. I have successfully installed in Linux mint, but does pass have to be installed in windows too before you can use the passff plugin in firefox?
@VulcanOnWheels 4 жыл бұрын
I like that pass command and I'll be using it also.
@AriannaEuryaleMusic 3 жыл бұрын
Awesome, I really need this tutorial cuz I was confused on how to make that App work.
@Jaywalker9988 5 жыл бұрын
At around 10:40 and on you imply your the passphrase you enter for `pass` is different from your GPG passprhase and that GPG can be used as a backup if you forget your passphrase. This is not true; pass is just a wrapper around the same gpg command you were running to decrypt the file. Look at the source, its just a shell script. If you forget that passphrase you create for your GPG key, you lose your data, period.
@DistroTube 5 жыл бұрын
> If you forget that passphrase you create for your GPG key, you lose your data, period. I stand corrected. I guess I better remember that passphrase. Digging around on the web, if you lose your passphrase...your options are extremely limited. I guess you could try to brute force the passphrase (would take alot of computational power and alot of time) . Probably not a viable solution for most people though.
@Jaywalker9988 5 жыл бұрын
@@DistroTube > if you lose your passphrase...your options are extremely limited Well certainly; you don't want a lot of options for recovery. A good lock only opens with the one key :P. Which speaking of keys, that's the other thing you need to be sure you keep safe. If you forget your passphrase OR lose that GPG secret key, you can't get in. Its best to keep that GPG secret key on a backup flash drive stored in a safe somewhere. If that flash drive gets stolen, they'll still need your passphrase and your .gpg files from your computer to be able to steal your passwords.
@worldhello1234 4 жыл бұрын
What? You are on your period. ;) You could output the decrypted key into another file and save it in plain text but that would defeat the purpose. Your only viable chance is the recovery method provided by the host of the website, Facebook, Twatter ...
@worldhello1234 4 жыл бұрын
@@Jaywalker9988 "Well certainly; you don't want a lot of options for recovery. A good lock only opens with the one key :P." You are such a generic wise ass. :P
@prometheus1672 4 жыл бұрын
Thanks for the video. I'm trying out pass now. One thing though: you shouldn't init the password manager with your private key. You should encrypt with the public key, private key is only for decrypting. It won't really matter if you only use pass on your one machine, but if you choose to push your password onto onto some server for syncing with other computers, you don't want to have your private key tied into your password store.
@ebraxcomx8865 4 жыл бұрын
Obrigado! Thanks in protuguese!
@Kakihara73 5 жыл бұрын
Well, good explained. I'm not scared but it seems to be complicated for me 😅
@gz6616 5 жыл бұрын
I have a set of rules to create a password for each website/service. You basically just need to encode the site's name in some manner. I have 3 digits space reserved for the time of the password so I can change it regularly. They are all 17 digits in length, but if I like I can easily extend them to 20+. I can also write down "hints" on those passwords in plain texts, as long as I don't tell anyone else the rules, the hints won't leak anything. They won't be as random as those created by random password generators, but using some mixing of capitals, numbers, symbols, they look pretty obfuscated.
@cme123tr 3 жыл бұрын
4:48 ; assuming gnome pg page is installed. I'm a beginner and I don't think I have it installed, can you tell me please how to install it?
@gabrieleiro4181 5 жыл бұрын
i have been a 1Password user for quite some time but i'm really surprised at how many of its features are available in a pass-based environment. i'll try it out for a week and see if it works well as a complete alternative
@vasachisenjubean5944 Жыл бұрын
Lol im here only to comment that DT was wrong about LastPass. It did get hacked. Love you DT •3
@marksmedley1298 2 жыл бұрын
Great presentation of gpg. I have one question, say you have a bank accounts, more than one account with the same bank, how would set this up? I would assume you would use the insert command with -m function. Could give me an example of this procedure? Thanks, keep up the great youtube work
@kevinklement2621 5 жыл бұрын
I use gopass,which is a pass-compatible program written in go, but organizes things into a hierarchy and offers some ncurses dialogues. Can use the same repo/password-store pass uses. It's not a GUI app at all, unlike what that website said.
@KoshikaSurasena 5 жыл бұрын
@distrotube would it be possible to share you powerline config files for your terminal. still havent able to get right justified segments
@spaceiswater6539 5 жыл бұрын
So it is possible to store Pass data on a few Linux machines so you dont have to just use the one machine all the time for your passwords? Great video many thanks.
@christianmuehlhaeuser2922 5 жыл бұрын
Check out "gopass", which is like pass on steroids, but backwards compatible. Supports team/key management & syncing with a git repository.
@spaceiswater6539 5 жыл бұрын
@@christianmuehlhaeuser2922 Thank you.
@igormamedes 5 жыл бұрын
So if I use the dmenu approach, I doesnt even need Pass? just encrypt my facebook password with gpg, and then use a simple sh script to decrypt the password and copy to clipboard?
@nerrufam7105 5 жыл бұрын
Hey dt, a video idea: Chakra vs Kaos (review), they both are kinda similar but quite different, they are arch based, but not reeeally. I myself dont understand it? Also Antix seems to be interesting
@JoshuaBedgood 3 жыл бұрын
@DistroTube any chance you could do a video on how to setup pass with a remote store using git so that passwords can be accessed from anywhere on the internet?
@cme123tr 3 жыл бұрын
I created the store; Password Store |__facebook.com |__PASSWORDS |__twitter.com I can't seem to be able to delete everything under the 'Password Store'. all commands from this lecture don't work for some reason. Does anybody know why?
@MiPeSom 5 жыл бұрын
Good video, but I'll stick with KeePassXC.
@pt8306 3 жыл бұрын
especially since it has a command line version if you really need to script it
@GreyDeathVaccine 4 жыл бұрын
KeePass remembers not only passwords but logins and notes too. It can generate long and complex passwords so you shoudn't have to.
@hyper4306 5 жыл бұрын
PASS IS THE STANDARD PASSWORD MANAGER!!!!!!!
@Bloodnaousky 2 жыл бұрын
can we please have a video on how to setup pass over git on a server to sync them with android-password-store
@DanWahrenberger 5 жыл бұрын
@bigpod, The reason that the hackers got nothing is that Lastpass encrypts the password vault locally using 256-bit AES encryption BEFORE uploading to their servers. They claim to have no way to recover an account with a lost master password as they have no access to any decrypted password vaults. If you are going to trust a third party to help manage your passwords that is the best way I know of to ensure security.
@umka7536 5 жыл бұрын
That is why LastPass or 1Password or similar services are demanded. I have multiple PCs which I have to use daily plus smartphone, and I also have to share some passwords with my wife (shopping sites, etc.). With "pass" you cannot do it.
@blankexpression2u 5 жыл бұрын
I can finally get rid of all my yellow post-its from my monitor edges!
@palamidagheo4520 5 жыл бұрын
nah...green post-its are safer i'll keep using it .It's simple and safe
@GreyDeathVaccine 4 жыл бұрын
@@palamidagheo4520 And more ECO. Greta will be pleased.
@spicybaguette7706 5 жыл бұрын
How many times did you say gpg key in this video? 😂
@LPFan33 4 жыл бұрын
How do I "clone" the pass store onto another device? Do I need to init with the same GPG key?
@allandacasin9041 4 жыл бұрын
Just copy .password-store and .gnupg to another device.
@pra.cent20 3 жыл бұрын
What if my os crashes, and i don't have any recoveries? Will i loose all the passwords forever?
@reilly6187 3 жыл бұрын
im pretty sure that the most popular password manager is Excel.
@maxibi 3 жыл бұрын
You don't need GPG key. you can email too. I have question, how do i increase the 45 seconds expiration.
@Flackon 3 жыл бұрын
What options does it have for cloud sync?
@KamilT 5 жыл бұрын
Hey DT, do you have any job advice for people with no exp in anything?
@clocked0 5 жыл бұрын
Get experience in the field you want to go in, then do some volunteer work to get some work experience for your resume
@KamilT 5 жыл бұрын
@@clocked0 Any ideas on volunteer work for someone trying to get into linux sysadmin-ing?
@federicodiaspro1583 3 жыл бұрын
Its scary when you build your password store in QtPass on Windows using the GUI and years later you start using Linux and want to re-ecntypt your password-store with a new gpg key this time using the teminal hahaha. Best practice is a good backup of your password-store.
@Shkur777 2 жыл бұрын
What about mac os, windows, android, osx, autofill, touch id, paste through clipboard but secure, password generator, passwords check on getpwned, auto-Type to be protected against keyloggers.
@FinlayDaG33k 5 жыл бұрын
FIRST! Also, I think Pass is a really nice thing to keep passwords in your own management but I kinda miss a "cloud" solution because great, now I have ridiculously strong passwords I have to type by hand on my phone :c
@jan_harald 5 жыл бұрын
um...you DO know how to copy-paste on your phone?
@FinlayDaG33k 5 жыл бұрын
@@jan_harald Yes, but goodluck using the password from my desktop's store on it XD I know I could use something like Resilio sync but that feels quite hacky.
@jan_harald 5 жыл бұрын
@@FinlayDaG33k Syncthing's an app that can sync a ton of different ways, including rsync, and google drive and dropbox and such as well, iirc, not certain since been a while last I checked...
@FinlayDaG33k 5 жыл бұрын
@@jan_harald Which is exactly what I meant with "feels kinda hacky". Now I have to setup (and maintain) another piece of software to sync it. Again, something like a self-hosted/cloud thingy would be dope.
@LPFan33 4 жыл бұрын
There is an android app that can clone your pass repo and allow you to copy/paste and even autofill passwords
@jl3789 5 жыл бұрын
I like using Master Password on my phone. It’s recommended by the privacytools.io website.
@ConradoFonseca 5 жыл бұрын
Yes, master password is a great tool also to generate more secure password and it doesn't store your password, instead it generate your pass based on their algorithm. That means you can use MPW through mobile app, web app, command line and OS installed app without the need to sync with any external storage/source/service. The thing I found handy with pass, as explained in this vid, is that you can also store your MPW generated password in your password store then use plugins to auto-fill it like the FF one he shown.
@shivammalhotra3219 3 жыл бұрын
yum install not working. No package pass available. Error: Nothing to do what to do now?
@sayanmanna2511 Жыл бұрын
Is it better than Bitwarden??
@maverickmadison7392 5 жыл бұрын
i use gpg command to encrypt all my password files symmetrically and copy paste the password from the terminal to the web browser
@maverickmadison7392 5 жыл бұрын
now i need to figure out how to auto-clear my clipboard memory after i pasted the password onto the web browser
@voidvector 4 жыл бұрын
@@maverickmadison7392 There are CLI commands to modify the clipboard in all major platforms -- xclip/pbcopy/clip. Just have a script that runs that with dummy data few seconds after you copy.
@chrisstr33tkng61 4 жыл бұрын
Bitwarden is the open source way to go.
@monolalia 5 жыл бұрын
'ed' is the standard UNIX password manager!
@jonas-pq8cd 5 жыл бұрын
CRISPR is the standard editor!
@artaway6647 5 жыл бұрын
password.txt is a great password manager that is encrypted using utf-8 method
@Sam-gd4xp 4 жыл бұрын
What I heard was like 100x times Gee Pee Gee key :D
@riddler1345 Жыл бұрын
can i download that if i use windows ?
@salovamrani2084 2 жыл бұрын
It is not convenient to use it like that, every time i go to a site i shoud type my master password for autofill?
@cme123tr 3 жыл бұрын
I'm a beginner in linux mint, but I found your video AMAZING!!! (best one online so far). I was not successful to get the command for if you forget your gpg master password how would you recover it. What would be the command? I tried ' gpg -d 826B0FD3C947AF26' but that did not work.
@RyanRyan-no4vt 3 жыл бұрын
You can't. GPG doesn't have a 'recover password' functionality. The only thing you can do at that point is revoke the key if you generated a revokation certificate while you remembeted the password.
@nu8k700 4 жыл бұрын
so what if you forgot your master password? 10:33 - 10:43
@trapspringer9891 4 жыл бұрын
Wow. I love the keyboard wallpaper. Fantastic vid, BTW. Still does not sway me to use a computer connected to the internet to store my passwords, though. I like to use pen and paper. Is there something that can sway me, though?
@DevArt59 2 жыл бұрын
Anybody have any luck setting this up for an Iphone ? Specifically github authentication, gpg/pgp keys ?
@lakshminarasimmanv 3 жыл бұрын
Attention!! You don't have to list the gpg key id, copy then paste to pass init. Instead, use the real name that you gave while creating the gpg key. Example: pass init ""
@AtomToast 5 жыл бұрын
Does anyone know if pass can store passwords together with the username like lastpass? Might actually consider switching over then.
@Jaywalker9988 5 жыл бұрын
It certainly can. There are several ways of doing it: Storing it in the file name, such as `pass -c Internet/you@facebook.com`, or if you prefer better privacy you can just run `pass edit` and it will open the file in your $EDITOR. From there you can add a new line under your password like "login: yourUsername" or for any other meta information you like. Check out the "Data Organization" section on the pass website (www.passwordstore.org/)
@AtomToast 5 жыл бұрын
@@Jaywalker9988 Thanks a lot! That sounds very convincing. I'll most likely wave Lastpass goodbye then. Do you know if it is possible to just sync the password folder with syncthing between your devices?
@IsraelJuliusKJ 5 жыл бұрын
@@Jaywalker9988 hi there, under keepassxc im able to store not only text information, but also files (e.g. an odt file) in the encrypted container. would that be possible with pass too?
@Jaywalker9988 5 жыл бұрын
Abraham Kornfeld never really considered using pass for that because I just use the raw gpg commands that pass is wrapping for that, so you certainly could do that and use your pass gpg key. It’d also be fairly trivial to add in something like ‘pass file yourfile.odt’ since pass is just a shell script
@Jaywalker9988 5 жыл бұрын
@@AtomToast You can use git with pass to sync your passwords to a github or private git repo and sync that. You'll need to manually ensure all devices have the GPG private key to ensure each device can decrypt the files
@wanlam13 4 жыл бұрын
If you're using Ubuntu or MInt, don't install "pass" from the repositories because it's outdated version 1.7.1 (released in 2017-04-13). The latest version is 1.7.3 (released in 2018-08-03). I read in Wikipedia that "In June 2018, pass was found to be vulnerable to a variant of the SigSpoof attack. The issue was patched the same day that the vulnerability was disclosed." Visit the official "pass" website and download the tarball. Trust me, it will be the easiest tarball you'll ever install in life. In fact, it was the shortest INSTALL file I've ever read. "sudo make install" and you're done.
@svenjorns7363 2 жыл бұрын
When creating a password I get the error message : gpg: DEE04C3123456789: skipped: Unusable public key gpg: [stdin]: encryption failed: Unusable public key It looks like pass does not find the local gpg key. What can be the reason for this?
@svenjorns7363 2 жыл бұрын
Be sure that your key can be used for encryption and not only for signing.
@matthewrease2376 2 жыл бұрын
Shame you didn't talk about the git functionality of pass. Makes it a breeze to sync between devices. I mean for regular computers, manually syncing is probably fine, but git allows me to sync on my phone with an app designed for pass.
@kingofninetails Жыл бұрын
Which app?
@michaelshort2388 Жыл бұрын
you're wrong about people who use lastpass being hosed if lastpass was ever compromised. Lastpass does not have access to the unencrypted passwords of their users. It has aactually been hacked before and none of the passwords were revealed.
@sharkmisdeed 4 жыл бұрын
What if i forget my master password ?
@DistroTube 4 жыл бұрын
Don't do that.
@GreyDeathVaccine 4 жыл бұрын
@@DistroTube xD You don't have to remember the password. Think of a password that you'll be able to recreate. For example: 75-DC364hp? "} wich translates to 1975 (birth year), DC - DODGE CHARGER, 364hp - horse power and 3 keys diagonally next to the enter key.
@LPFan33 4 жыл бұрын
@@GreyDeathVaccine Yeah, or write it somewhere hidden in plain sight. Like, write some phrase as plain-text with some other random phrases, pretending to be poetry or something. Phrases are easiest to remember anyway.
@notyouraverageskittelz696 3 жыл бұрын
missed opportunity. they should have called passmenu pwdmenu.
@titouant1936 3 жыл бұрын
Thanks, I'll pass
@aayush_shres 2 жыл бұрын
We all know DT's password is dt
@hewfrebie2597 5 жыл бұрын
Can I have your pass? XD
@PaniacThrilla 4 жыл бұрын
What the fuck, this thing doesn't work at all. It just keeps giving me "No entries matching this URL." bullshit.
@VasanthDeveloper 5 жыл бұрын
First comment!!!!!!
@DistroTube 5 жыл бұрын
Congrats!
@LPFan33 4 жыл бұрын
sed -i 's/dmenu/fzf/' ~/bin/passmenu
@1plus11000 3 жыл бұрын
ffs, just use lastpass
@kylebriffa7 5 жыл бұрын
BitWarden is opennsource.
@montanawestphotography6671 4 жыл бұрын
followed the instructions. followed the firefox plugin steps as written on the website and it was confusing. It bricked my laptop. Fresh install of Mint 4.2 and forget about these complicated softwares. Never again. It's the frustrating downside to linux. I'm not a programmer and I cant stand the guys who just fly through this stuff in a tutorial like its no big deal. When you closed your terminal all of a sudden you lost me because there was other stuff on there with further instructions that left me confused. I was pissed and still am. Thanks but no thanks.
@rochr4 4 жыл бұрын
You being so ginger about showing Your real passwords, was it live stream? You could change them afterwards, oh so secret passwords, bit cringy ;-
@alexdelarge9425 2 жыл бұрын
You can just type "gpg --list-keys" and you'll see your keys.
@kylebriffa7 5 жыл бұрын
BitWarden is opennsource.
SOFIADELMONSTRO
Рет қаралды 54 МЛН
Diana Belitskay
Рет қаралды 38 МЛН
Johe News
Рет қаралды 33 М.
The Linux Experiment
Рет қаралды 302 М.