Create/wipe db after gpg encrypt has completed successfully (#6)

1 file changed
tree: 933aaeba891dc3df86d7d5fe5905958bdb570bdc
  1. .gitignore
  2. .goosarch
  3. .travis.yml
  4. .traviskey
  5. Dockerfile
  7. Makefile
  9. VERSION.txt
  11. create.go
  12. get.go
  13. go.mod
  14. go.sum
  15. gpg/
  16. list.go
  17. main.go
  18. main_unix.go
  19. main_windows.go
  20. remove.go
  21. store.go
  22. vendor/
  23. version/


Travis CI GoDoc

Local file-based password, API key, secret, recovery code store backed by GPG.



For installation instructions from binaries please visit the Releases Page.

Via Go

$ go get


$ pony -h
pony -  Local File-Based Password, API Key, Secret, Recovery Code Store Backed By GPG.

Usage: pony <command>


  -d, --debug  enable debug logging (default: false)
  --file       file to use for saving encrypted secrets (default: ~/.pony)
  --keyid      optionally set specific gpg keyid/fingerprint to use for encryption & decryption (or env var PONY_KEYID)


  create   Create a secret.
  get      Get details for a secret.
  ls       List secrets.
  rm       Delete a secret.
  version  Show the version information.

Best Practices


You should obviously add pony to your HISTIGNORE for example:

export HISTIGNORE="ls:cd:cd -:pwd:exit:date:* --help:pony:pony *";

Namespacing Keys

You should namespace the keys for your secrets like the following:

$ pony create com.twitter.frazelledazzell.token KJDHJKFHDSBJDF
# GPG Passphrase for key "Jess Frazelle <>":

$ pony create com.github.jessfraz.token LKJHSDLFKJDHF
# GPG Passphrase for key "Jess Frazelle <>":

# if a key ends with `.recovery`
# we assume it is a list of comma seperated
# strings that are recovery codes
$ pony add we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
# GPG Passphrase for key "Jess Frazelle <>":

$ pony ls
# GPG Passphrase for key "Jess Frazelle <>":

KEY                                     VALUE                 KSUIIUEJDMSDBSDJFOFR              skljdUYGjsndhfjjiosjdfgr/HKKSU
com.github.botaccount.recovery          we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
com.github.jessfraz.token               LKJHSDLFKJDHF
com.twitter.frazelledazzell.token       KJDHJKFHDSBJDF

# you can also filter by a regular expression
$ pony ls --filter com.github*
# GPG Passphrase for key "Jess Frazelle <>":

KEY                                     VALUE
com.github.botaccount.recovery          we0wk4,osdknew,4fd9kw,03jfn23,sduj39s
com.github.jessfraz.token               LKJHSDLFKJDHF