Local File-Based Password, API Key, Secret, Recovery Code Store Backed By GPG.

Clone this repo:

Branches

  1. f8edfa6 Merge pull request #2 from robphoenix/patch-1 by Jess Frazelle · 6 months ago master
  2. f9cad3c line up values in README by Rob Phoenix · 6 months ago
  3. 4a9d5e2 travis go versions by Jess Frazelle · 10 months ago
  4. e7df40c jfrazelle -> jessfraz by Jess Frazelle · 10 months ago
  5. fba2dfd add dockerfile by Jess Frazelle · 10 months ago

pony

Travis CI

Local File-Based Password, API Key, Secret, Recovery Code Store Backed By GPG

$ pony -h
NAME:
   pony - Local File-Based Password, API Key, Secret, Recovery Code Store Backed By GPG

USAGE:
   pony [global options] command [command options] [arguments...]

VERSION:
   v0.1.0

AUTHOR(S):
   @jessfraz <no-reply@butts.com>

COMMANDS:
   add, save    Add a new secret
   delete, rm   Delete a secret
   get          Get the value of a secret
   list, ls     List all secrets
   update       Update a secret
   help, h      Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --debug, -d              run in debug mode
   --file, -f "~/.pony"     file to use for saving encrypted secrets
   --keyid                  optionally set specific gpg keyid/fingerprint to use for encryption & decryption [$PONY_KEYID]
   --gpgpath "~/.gnupg/"    filepath used for gpg keys
   --help, -h               show help
   --generate-bash-completion
   --version, -v            print the version

Best Practices

HISTIGNORE

You should obviously add pony to your HISTIGNORE for example:

export HISTIGNORE="ls:cd:cd -:pwd:exit:date:* --help:pony:pony *";

Namespacing Keys

You should namespace the keys for your secrets like the following:

$ pony add com.twitter.frazelledazzell.token KJDHJKFHDSBJDF
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

$ pony add com.github.jessfraz.token LKJHSDLFKJDHF
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

# if a key ends with `.recovery`
# we assume it is a list of comma seperated
# strings that are recovery codes
$ pony add com.github.devnull@butts.com.recovery we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

$ pony ls
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

KEY                                     VALUE
com.aws.amazon.prod.key                 KSUIIUEJDMSDBSDJFOFR
com.aws.amazon.prod.secret              skljdUYGjsndhfjjiosjdfgr/HKKSU
com.github.botaccount.recovery          we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
com.github.jessfraz.token               LKJHSDLFKJDHF
com.twitter.frazelledazzell.token       KJDHJKFHDSBJDF

# you can also filter by a regular expression
$ pony ls --filter com.github*
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

KEY                                     VALUE
com.github.botaccount.recovery          we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
com.github.jessfraz.token               LKJHSDLFKJDHF