cjs_ac 2 hours ago

I store my passwords using this: https://www.passwordstore.org/

It's a shell script that stores passwords in a git repository, containing one file per entry. The files are encrypted using a GPG key. Because it's just a git repository, you can synchronise it between devices using whatever infrastructure you want. I use a FOSS client for it on iOS, and there was one for Android before I got an iPhone.

n0ot an hour ago

I tried using pass once. I like that it follows the Unix philosophy, and I want to like it, but the fact that all of your account names are visible in the clear is a deal breaker for me.
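
The layout described in the two comments above, as an added example (not code from pass or from any commenter): it lists what anyone with read access to the repository learns without the private key. The demo store, its entry names and the recipient address are constructed, and the `.gpg` files hold placeholder bytes so no gpg binary is needed.

```shell
#!/bin/sh
# Added example. A pass store is a directory tree:
#   <store>/<entry name>.gpg   one encrypted file per entry
#   <store>/.gpg-id            recipient key id(s), plain text
# Only file CONTENTS are encrypted; paths and .gpg-id are readable by anyone
# who can read the repository (git host, backup location, stolen clone).

# Print every entry name recoverable without the private key.
pass_visible_entries() {
    ( cd "$1" && find . -path ./.git -prune -o -type f -name '*.gpg' -print ) |
        sed -e 's|^\./||' -e 's|\.gpg$||' | LC_ALL=C sort
}

# Print the recipient ids listed in any .gpg-id file.
pass_visible_recipients() {
    ( cd "$1" && find . -path ./.git -prune -o -type f -name .gpg-id \
        -exec cat {} + ) | LC_ALL=C sort -u
}

# Build a constructed store for the demo (hypothetical entries).
make_demo_store() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/email" "$d/banking" "$d/.git"
    echo 'alice@example.org' > "$d/.gpg-id"      # constructed recipient
    for e in email/example.org banking/examplebank-alice forum.example.net; do
        printf 'PLACEHOLDER-CIPHERTEXT' > "$d/$e.gpg"
    done
    echo "$d"
}

store=$(make_demo_store)
echo "Entry names visible without the key:"
pass_visible_entries "$store"
echo "Recipients visible without the key:"
pass_visible_recipients "$store"
rm -rf "$store"
```

Pointing `pass_visible_entries` at a real store directory shows the same view a git host has of it.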

ab71e5 an hour ago

I'm interested in this. What do you use to host the git repo? Just a private repo on something like GitHub or your own server? How do you back up your private key?

wfleming 43 minutes ago

I also use pass. Any forge you feel like is fine (I use GitLab). I back up my gpg key with `gpg --export-ownertrust` and store that backup elsewhere.

Pass has a pretty good ecosystem of plugins/other clients, as well. There are open source iOS/Android clients and browser extensions, so once you’re set up the day-to-day experience is not far off from any of the popular hosted password managers.

My only real issue is the dependency on gpg, as it’s pretty long in the tooth and a hassle to operate. (If you are not comfortable using gpg, spend some time learning that before you go all-in on pass!) There’s a fork[1] which swaps gpg for age, but it hasn’t attracted enough attention to get a similar ecosystem of mobile clients/browser extensions, so it’s not a very practical choice IMHO.

[1]: https://github.com/FiloSottile/passage

eikenberry 28 minutes ago

I don't think Age will catch on as a replacement until it has a gpg-agent equivalent to facilitate access.

cjs_ac an hour ago

I run Gitea on my own server. (I didn't switch to Forgejo because it's not in the Debian repositories.) I don't have a backup of my private key... I should do that.

Depraved4482 an hour ago

+1 for pass! I use this on my VPS to store secrets. I love that it syncs with GIT. Good stuff

jmcphers an hour ago

I have used this for almost 10 years now. It's pretty barebones but it seems like the usable lifetime of commercial password managers is 4-5 years before they get enshittified, bought, discontinued, price-jacked, or otherwise made unsuitable for use. "pass" just keeps working.