Gitiles - git.j3ss.co
git.j3ss.co / pony

Local file-based password, API key, secret, recovery code store backed by GPG.

Clone this repo:

Branches

Tags

  1. 3a4ac36 update generation by Jess Frazelle · 5 weeks ago master
  2. 603e2c5 update vendor by Jess Frazelle · 5 weeks ago
  3. 7d6ac08 docs: Update TOC by github-actions[bot] · 5 weeks ago
  4. f1f6882 update vendor by Jess Frazelle · 5 weeks ago
  5. c2bdfcb update vendor by Jess Frazelle · 5 weeks ago

pony

make-all make-image GoDoc

Local file-based password, API key, secret, recovery code store backed by GPG.

Table of Contents

Installation

Binaries

For installation instructions from binaries please visit the Releases Page.

Via Go

$ go get github.com/jessfraz/pony

Usage

$ pony -h
pony -  Local File-Based Password, API Key, Secret, Recovery Code Store Backed By GPG.

Usage: pony <command>

Flags:

  -d, --debug  enable debug logging (default: false)
  --file       file to use for saving encrypted secrets (default: ~/.pony)
  --keyid      optionally set specific gpg keyid/fingerprint to use for encryption & decryption (or env var PONY_KEYID)

Commands:

  create   Create a secret.
  get      Get details for a secret.
  ls       List secrets.
  rm       Delete a secret.
  version  Show the version information.

Best Practices

HISTIGNORE

You should obviously add pony to your HISTIGNORE for example:

export HISTIGNORE="ls:cd:cd -:pwd:exit:date:* --help:pony:pony *";

Namespacing Keys

You should namespace the keys for your secrets like the following:

$ pony create com.twitter.frazelledazzell.token KJDHJKFHDSBJDF
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

$ pony create com.github.jessfraz.token LKJHSDLFKJDHF
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

# if a key ends with `.recovery`
# we assume it is a list of comma seperated
# strings that are recovery codes
$ pony add com.github.devnull@butts.com.recovery we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

$ pony ls
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

KEY                                     VALUE
com.aws.amazon.prod.key                 KSUIIUEJDMSDBSDJFOFR
com.aws.amazon.prod.secret              skljdUYGjsndhfjjiosjdfgr/HKKSU
com.github.botaccount.recovery          we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
com.github.jessfraz.token               LKJHSDLFKJDHF
com.twitter.frazelledazzell.token       KJDHJKFHDSBJDF

# you can also filter by a regular expression
$ pony ls --filter com.github*
# GPG Passphrase for key "Jess Frazelle <butts@systemd.lol>":

KEY                                     VALUE
com.github.botaccount.recovery          we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
com.github.jessfraz.token               LKJHSDLFKJDHF