Local file-based password, API key, secret, recovery code store backed by GPG.

Clone this repo:
  1. 9a90c31 Create/wipe db after gpg encrypt has completed successfully (#6) by Mathias Fredriksson · 8 days ago master
  2. cfe04d9 create: Add newline to end of message (#5) by Danielle Tomlinson · 8 weeks ago
  3. 85eae5c Bump version to v0.2.4 by Jess Frazelle · 3 months ago v0.2.4
  4. 58e0fba update vendor by Jess Frazelle · 3 months ago
  5. 6c583dc update makefile by Jess Frazelle · 3 months ago

pony

Travis CI GoDoc

Local file-based password, API key, secret, recovery code store backed by GPG.

Installation

Binaries

For installation instructions from binaries please visit the Releases Page.

Via Go

$ go get github.com/jessfraz/pony

Usage

$ pony -h
pony -  Local File-Based Password, API Key, Secret, Recovery Code Store Backed By GPG.

Usage: pony <command>

Flags:

  -d, --debug  enable debug logging (default: false)
  --file       file to use for saving encrypted secrets (default: ~/.pony)
  --keyid      optionally set specific gpg keyid/fingerprint to use for encryption & decryption (or env var PONY_KEYID)

Commands:

  create   Create a secret.
  get      Get details for a secret.
  ls       List secrets.
  rm       Delete a secret.
  version  Show the version information.

Best Practices

HISTIGNORE

You should obviously add pony to your HISTIGNORE for example:

export HISTIGNORE="ls:cd:cd -:pwd:exit:date:* --help:pony:pony *";

Namespacing Keys

You should namespace the keys for your secrets like the following:

$ pony create com.twitter.frazelledazzell.token KJDHJKFHDSBJDF
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

$ pony create com.github.jessfraz.token LKJHSDLFKJDHF
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

# if a key ends with `.recovery`
# we assume it is a list of comma seperated
# strings that are recovery codes
$ pony add com.github.devnull@butts.com.recovery we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

$ pony ls
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

KEY                                     VALUE
com.aws.amazon.prod.key                 KSUIIUEJDMSDBSDJFOFR
com.aws.amazon.prod.secret              skljdUYGjsndhfjjiosjdfgr/HKKSU
com.github.botaccount.recovery          we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
com.github.jessfraz.token               LKJHSDLFKJDHF
com.twitter.frazelledazzell.token       KJDHJKFHDSBJDF

# you can also filter by a regular expression
$ pony ls --filter com.github*
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

KEY                                     VALUE
com.github.botaccount.recovery          we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
com.github.jessfraz.token               LKJHSDLFKJDHF