keypr
is a simple yet sufficient password manager designed to be used via CLI. It operates on a YAML file (which stores credentials data) encrypted with GnuPG. The idea is that you can, in principle, maintain the password file yourself manually by encrypting / decrypting with gpg
, grep
'ping and/or modifying it with your favourite editor. keypr
just provides a convenient interface to all that.
Pardon me -- a password manager in R? But why? Very simple: the author had a sudden urge to write it.
Make sure GnuPG is installed (gnupg
in dpkg-based distros).
In addition, on MacOS install pinentry-mac
- a utility for passphrase entry.
You can install the latest version of keypr
from github with:
devtools::install_github('x1o/keypr')
After the installation, put the following bash script to a location in your PATH:
#!/usr/bin/env bash
umask 0002
Rscript -e 'keypr::keypr()' "$@"
or copy it from <package_installation_directory>/bin/keypr
.
GnuPG agent (~/.gnupg/gpg-agent.conf
):
min-passphrase-len 0
min-passphrase-nonalpha 0
In addition, on MacOS, add
pinentry-program /usr/local/bin/pinentry-mac
keypr
is configured via a YAML configuration file keypr.yaml
, which is by
default stored in the user config directory; call
rappdirs::user_config_dir(appname = 'keypr')
to find the exact location on your system.
In that file, specify the path to a gpg
-encrypted password file, for example:
passwd_pathname: "~/passwd.yaml.gpg"
If the config file does not exist, it will be created with passwd_pathname
equal to passwd.yaml.gpg
in the user default data dir; call
rappdirs::user_data_dir(appname = 'keypr')
to find the value on your system.
Add a google login-password pair:
$ keypr add user1@gmail.com -p google_pass Google
And another one, but this time do not specify a password explictly -- it will be
generated (use -s
to create a stronger password containing special symbols):
$ keypr add user2@gmail.com Google
→ Generated password: 7J1F4SFvIgn4
Service "Google" is already known (login “user1@gmail.com”). Add anyway? [Y/n]
Add a github R personal access token (which does not require a login):
$ keypr add -p 85a964v1ajg0592kkjfl3985802d955k4 'Github R PAT'
Get all google credentials:
$ keypr get goo
service login password
Google user1@gmail.com google_pass
Google user2@gmail.com 7J1F4SFvIgn4
$ keypr get gith
service login password
Github R PAT 85a964v1ajg0592kkjfl3985802d955k4
The resulting passwd file would be
$ keypr config
passwd_pathname: ~/Library/Application Support/keypr/passwd.yaml.gpg
$ gpg -d ~/Library/Application\ Support/keypr/passwd.yaml.gpg
gpg: AES256.CFB encrypted data
gpg: encrypted with 1 passphrase
Google:
- user1@gmail.com: google_pass
- user2@gmail.com: 7J1F4SFvIgn4
Github R PAT:
- '': 85a964v1ajg0592kkjfl3985802d955k4