qrz.is/content/post/2016-05-25-patch-for-the-cli-password-manager-pass.md
2021-07-16 11:16:33 +02:00

69 lines
2.7 KiB
Markdown

---
title: Patch for the CLI password manager „pass“
author: micha
date: 2016-05-25T21:47:20+00:00
url: /patch-for-the-cli-password-manager-pass/
categories:
- Uncategorized
---
I use Pass (https://www.passwordstore.org/) to store and synchronize all my passwords.
When I use Pass via SSH on a remote system in order to retrieve a password, I cannot make use of it’s clipboard feature. In order to output the password without actually displaying it, I wrote the following patch which prints the password in red on a red background while still being able to be manually copied to the clipboard:
```
src/password-store.sh | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/src/password-store.sh b/src/password-store.sh
index d535a74..f4e1cfe 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -223,8 +223,8 @@ cmd_usage() {
List passwords.
$PROGRAM find pass-names...
List passwords that match pass-names.
- $PROGRAM [show] [--clip,-c] pass-name
- Show existing password and optionally put it on the clipboard.
+ $PROGRAM [show] [--clip,-c] [--hidden,-h] pass-name
+ Show existing password and optionally put it on the clipboard or hide it.
If put on the clipboard, it will be cleared in $CLIP_TIME seconds.
$PROGRAM grep search-string
Search for password files containing search-string when decrypted.
@@ -294,23 +294,30 @@ cmd_init() {
}
cmd_show() {
- local opts clip=0
- opts="$($GETOPT -o c -l clip -n "$PROGRAM" -- "$@")"
+ local opts clip=0 hidden=0
+ opts="$($GETOPT -o ch -l clip,hidden -n "$PROGRAM" -- "$@")"
local err=$?
eval set -- "$opts"
while true; do case $1 in
-c|--clip) clip=1; shift ;;
+ -h|--hidden) hidden=1; shift ;;
--) shift; break ;;
esac done
- [[ $err -ne 0 ]] && die "Usage: $PROGRAM $COMMAND [--clip,-c] [pass-name]"
+ [[ $err -ne 0 ]] && die "Usage: $PROGRAM $COMMAND [--clip,-c] [--hidden,-h] [pass-name]"
local path="$1"
local passfile="$PREFIX/$path.gpg"
check_sneaky_paths "$path"
if [[ -f $passfile ]]; then
if [[ $clip -eq 0 ]]; then
- $GPG -d "${GPG_OPTS[@]}" "$passfile" || exit $?
+ if [[ $hidden -eq 0 ]]; then
+ $GPG -d "${GPG_OPTS[@]}" "$passfile" || exit $?
+ else
+ local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | head -n 1)"
+ [[ -n $pass ]] || exit 1
+ echo -e "\e[0;31;41m$pass\e[0m"
+ fi
else
local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | head -n 1)"
[[ -n $pass ]] || exit 1
```