Redirected from 
README
¶
Overview
The slightly more awesome standard UNIX password manager for teams.
Manage your credentials with ease. In a globally distributed team, on multiple devices or fully offline on an air-gapped machine.
- Works everywhere - The same user experience on Linux, MacOS, *BSD or Windows
- Built for teams - Built from our experience working in distributed development teams
- Full autonomy - No network connectivity required, unless you want it
How Does It Work?
Gopass is a drop-in replacement for pass, the standard UNIX password manager. By default your credentials are encrypted with GPG and versioned in git. This can be customized easily. Other backends for encryption (e.g. age) and storage (e.g. fossil) are also available. The primary interface is the command line, making it an excellent choice for CLI fans, CI/CD systems or anything you can hook it up with. Gopass can also integrate with your browser so you can largely avoid the command line - if you want.
Installation
Necessary prerequisites for running gopass
gopass can operate without any dependencies but most users will use it with gpg and git.
An external editor is required to use gopass edit.
Installation through package managers
Homebrew (Linux/MacOS)
brew install gopass
MacPorts (macOS)
sudo port install gopass
Debian (Ubuntu, Debian, Raspbian, ...)
Warning: Do not install the gopass package from the official repositories. That is a completely different project that has no relation to us.
curl https://packages.gopass.pw/repos/gopass/gopass-archive-keyring.gpg | sudo tee /usr/share/keyrings/gopass-archive-keyring.gpg >/dev/null
cat << EOF | sudo tee /etc/apt/sources.list.d/gopass.sources
Types: deb
URIs: https://packages.gopass.pw/repos/gopass
Suites: stable
Architectures: all amd64 arm64 armhf
Components: main
Signed-By: /usr/share/keyrings/gopass-archive-keyring.gpg
EOF
sudo apt update
sudo apt install gopass gopass-archive-keyring
Fedora / RedHat / CentOS
dnf install gopass
Note: You might need to run dnf copr enable daftaupe/gopass first.
Arch Linux
pacman -S gopass
Windows
# WinGet
winget install Git.Git
winget install GnuPG.Gpg4win
winget install gopass.gopass
# Chocolatey
choco install gpg4win
choco install gopass
# Alternatively
scoop install gopass
FreeBSD / OpenBSD
cd /usr/ports/security/gopass
make install
Alpine Linux
apk add gopass
Other installation options
Please see docs/setup.md for other options.
From Source
go install github.com/gopasspw/gopass@latest
Note: latest is not a stable release. We recommend to only use released versions.
Manual download
Download the latest release and add the binary to your PATH.
Quick start guide
Initialize a new gopass configuration:
gopass setup
__ _ _ _ _ _ ___ ___
/'_ '\ /'_'\ ( '_'\ /'_' )/',__)/',__)
( (_) |( (_) )| (_) )( (_| |\__, \\__, \
'\__ |'\___/'| ,__/''\__,_)(____/(____/
( )_) | | |
\___/' (_)
🌟 Welcome to gopass!
🌟 Initializing a new password store ...
🌟 Configuring your password store ...
🎮 Please select a private key for encrypting secrets:
[0] gpg - 0xFEEDBEEF - John Doe <john.doe@example.org>
Please enter the number of a key (0-12, [q]uit) (q to abort) [0]: 0
❓ Do you want to add a git remote? [y/N/q]: y
Configuring the git remote ...
Please enter the git remote for your shared store []: git@gitlab.example.org:john/passwords.git
✅ Configured
By default gopass setup will use gpg encryption and git storage. This will create a new password store in $HOME/.local/share/gopass/stores/root and a configuration in $HOME/.config/gopass/config using gpg encryption and git for versioned storage. Users can override these with e.g. --crypto=age to use age encryption instead or opt out of using a versioned store with --storage=fs.
An existing store can be cloned with e.g. gopass clone git@gitlab.example.org:john/passwords.git.
Create a new secret:
gopass create
List all existing secrets:
gopass ls
Copy an existing password to the clipboard:
gopass show -c foo
Remove an existing secret:
gopass rm foo
Other examples:
# Command structure
gopass [<command>] [options] [args]
# Shortcut for gopass show [<key>]
gopass [<key>]
# Enter the gopass REPL
gopass
# Find all entries matching the search string
gopass find github
# List your store
gopass ls
# List all mounts
gopass mounts
# List all recipients
gopass recipients
# Sync with all remotes
gopass sync
# Setup a new store
gopass setup
Screenshot
Support
Please ask on Slack.
Contributing
We welcome any contributions. Please see CONTRIBUTING.md for more information.
Credit & License
gopass is licensed under the terms of the MIT license. You can find the complete text in LICENSE.
Please refer to our Contributors page for a complete list of our contributors.
Documentation
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
helpers
|
|
|
changelog
command
Changelog implements the changelog extractor that is called by the autorelease GitHub action and used to extract the changelog from the CHANGELOG.md file.
|
Changelog implements the changelog extractor that is called by the autorelease GitHub action and used to extract the changelog from the CHANGELOG.md file. |
|
man
command
Man implements a man(1) documentation generator that is run as part of the release helper to generate an up to date manpage for Gopass.
|
Man implements a man(1) documentation generator that is run as part of the release helper to generate an up to date manpage for Gopass. |
|
modinfo
command
modinfo a small helper to print the build info and module versions.
|
modinfo a small helper to print the build info and module versions. |
|
msipkg
command
|
|
|
postrel
command
Postrel is a helper that's supposed to be run after a release has been completed.
|
Postrel is a helper that's supposed to be run after a release has been completed. |
|
proxy
command
|
|
|
release
command
Release is the first part of the gopass release automation.
|
Release is the first part of the gopass release automation. |
|
internal
|
|
|
action
Package action implements all the handlers that are available as subcommands for gopass.
|
Package action implements all the handlers that are available as subcommands for gopass. |
|
action/pwgen
Package pwgen implements the subcommands to operate the stand alone password generator.
|
Package pwgen implements the subcommands to operate the stand alone password generator. |
|
audit
Package audit contains the password-strength auditing implementation.
|
Package audit contains the password-strength auditing implementation. |
|
backend
Package backend implements a registry to register differnet plugable backends for encryption and storage (incl.
|
Package backend implements a registry to register differnet plugable backends for encryption and storage (incl. |
|
backend/crypto/age/agent
Package agent implements the gopass age-agent.
|
Package agent implements the gopass age-agent. |
|
backend/crypto/gpg/cli
Package cli implements a GPG CLI crypto backend.
|
Package cli implements a GPG CLI crypto backend. |
|
backend/crypto/plain
Package plain implements a plaintext backend
|
Package plain implements a plaintext backend |
|
backend/storage
Package storage registers the jjfs backend.
|
Package storage registers the jjfs backend. |
|
backend/storage/cryptfs
Package cryptfs implements a filename encrypting storage backend.
|
Package cryptfs implements a filename encrypting storage backend. |
|
backend/storage/fs
Package fs implement a password-store compatible on disk storage layout with unencrypted paths.
|
Package fs implement a password-store compatible on disk storage layout with unencrypted paths. |
|
backend/storage/gitfs
Package gitfs implements a git cli based RCS backend.
|
Package gitfs implements a git cli based RCS backend. |
|
backend/storage/jjfs
Package jjfs implements a jj cli based RCS backend.
|
Package jjfs implements a jj cli based RCS backend. |
|
cache
Package cache proivdes a simple on disk cache for gopass.
|
Package cache proivdes a simple on disk cache for gopass. |
|
cache/ghssh
Package ghssh provides a cache for github ssh keys.
|
Package ghssh provides a cache for github ssh keys. |
|
completion/fish
Package fish implements a fish completion template for gopass.
|
Package fish implements a fish completion template for gopass. |
|
completion/zsh
Package zsh implements a zsh completion script generator.
|
Package zsh implements a zsh completion script generator. |
|
config
Package config provides a way to manage the configuration of gopass.
|
Package config provides a way to manage the configuration of gopass. |
|
config/legacy
Package legacy provides the legacy config struct for gopass.
|
Package legacy provides the legacy config struct for gopass. |
|
create
Package create provides a credential creation wizard.
|
Package create provides a credential creation wizard. |
|
cui
Package cui provides a simple command line user interface for gopass.
|
Package cui provides a simple command line user interface for gopass. |
|
diff
Package diff implements diffing of two lists.
|
Package diff implements diffing of two lists. |
|
editor
Package editor provides a simple wrapper around the EDITOR environment variable.
|
Package editor provides a simple wrapper around the EDITOR environment variable. |
|
hashsum
Package hashsum provides hash functions for various algorithms.
|
Package hashsum provides hash functions for various algorithms. |
|
hook
Package hook provides a flexible hook system for gopass.
|
Package hook provides a flexible hook system for gopass. |
|
out
Package out provides a simple output interface for gopass.
|
Package out provides a simple output interface for gopass. |
|
pwschemes/argon2i
Package argon2i provides an Argon2i password hashing scheme.
|
Package argon2i provides an Argon2i password hashing scheme. |
|
pwschemes/argon2id
Package argon2id provides an Argon2id password hashing scheme.
|
Package argon2id provides an Argon2id password hashing scheme. |
|
pwschemes/bcrypt
Package bcrypt provides a bcrypt password hashing scheme.
|
Package bcrypt provides a bcrypt password hashing scheme. |
|
queue
Package queue implements an experimental background queue for cleanup jobs.
|
Package queue implements an experimental background queue for cleanup jobs. |
|
recipients
Package recipients provides a datastruct for managing for managinig recipients.
|
Package recipients provides a datastruct for managing for managinig recipients. |
|
reminder
Package reminder provides a reminder store for gopass.
|
Package reminder provides a reminder store for gopass. |
|
store
Package store provides the interface for the gopass password store.
|
Package store provides the interface for the gopass password store. |
|
store/leaf
Package leaf provides the leaf store implementation for gopass.
|
Package leaf provides the leaf store implementation for gopass. |
|
store/mockstore/inmem
Package inmem implements an in memory storage backend for tests.
|
Package inmem implements an in memory storage backend for tests. |
|
store/root
Package root provides the root store implementation for gopass.
|
Package root provides the root store implementation for gopass. |
|
tpl
Package tpl provides functions to handle templates.
|
Package tpl provides functions to handle templates. |
|
tree
Package tree implements a tree for displaying hierarchical password store entries.
|
Package tree implements a tree for displaying hierarchical password store entries. |
|
updater
Package updater provides a simple update mechanism for gopass.
|
Package updater provides a simple update mechanism for gopass. |
|
pkg
|
|
|
appdir
Package appdir implements a customized lookup pattern for application paths like config, cache and data dirs.
|
Package appdir implements a customized lookup pattern for application paths like config, cache and data dirs. |
|
clipboard
Package clipboard provides functions to copy and clear the clipboard.
|
Package clipboard provides functions to copy and clear the clipboard. |
|
ctxutil
Package ctxutil provides a set of functions to manage context values in a gopass application.
|
Package ctxutil provides a set of functions to manage context values in a gopass application. |
|
debug
Package debug provides logging of debug information.
|
Package debug provides logging of debug information. |
|
fsutil
Package fsutil provides some common file system utilities for gopass.
|
Package fsutil provides some common file system utilities for gopass. |
|
gopass
Package gopass contains the public gopass API.
|
Package gopass contains the public gopass API. |
|
gopass/api
Package api provides a gopass API implementation.
|
Package api provides a gopass API implementation. |
|
gopass/apimock
Package apimock provides a mock implementation of the gopass API.
|
Package apimock provides a mock implementation of the gopass API. |
|
gopass/secrets
Package secrets provides the different secret types that gopass supports.
|
Package secrets provides the different secret types that gopass supports. |
|
gopass/secrets/secparse
Package secparse provides functions to parse secrets from various formats.
|
Package secparse provides functions to parse secrets from various formats. |
|
otp
Package otp provides functions to handle OTP secrets.
|
Package otp provides functions to handle OTP secrets. |
|
passkey
Package passkey implements the support of Webauthn credentials for authentication.
|
Package passkey implements the support of Webauthn credentials for authentication. |
|
pinentry/cli
Package cli provides a pinentry client that uses the terminal for input and output.
|
Package cli provides a pinentry client that uses the terminal for input and output. |
|
protect
Package protect provides an interface to the pledge syscall.
|
Package protect provides an interface to the pledge syscall. |
|
pwgen
Package pwgen implements multiple popular password generate algorithms.
|
Package pwgen implements multiple popular password generate algorithms. |
|
pwgen/pwrules
Code generated by go generate gen.go.
|
Code generated by go generate gen.go. |
|
pwgen/xkcdgen
Package xkcdgen provides a simple wrapper around the xkcdpwgen package to generate random passphrases.
|
Package xkcdgen provides a simple wrapper around the xkcdpwgen package to generate random passphrases. |
|
qrcon
Package qrcon implements a QR Code ANSI printer for displaying QR codes on the console.
|
Package qrcon implements a QR Code ANSI printer for displaying QR codes on the console. |
|
set
Package set provides a generic set implementation.
|
Package set provides a generic set implementation. |
|
tempfile
Package tempfile is a wrapper around os.MkdirTemp, providing an OO pattern as well as secure placement on a temporary ramdisk.
|
Package tempfile is a wrapper around os.MkdirTemp, providing an OO pattern as well as secure placement on a temporary ramdisk. |
|
termio
Package termio provides helpers and functions to work with terminal input and output.
|
Package termio provides helpers and functions to work with terminal input and output. |
|
Package tests contains common test helpers
|
Package tests contains common test helpers |
|
can
Package can provides access to the embedded key material used for testing.
|
Package can provides access to the embedded key material used for testing. |
|
gptest
Package gptest contains test helpers for gopass, including creating temporary directories, setting up environment variables, and creating CLI contexts for testing.
|
Package gptest contains test helpers for gopass, including creating temporary directories, setting up environment variables, and creating CLI contexts for testing. |
Click to show internal directories.
Click to hide internal directories.