pass-tomb
docker-credential-helpers
Our great sponsors
pass-tomb | docker-credential-helpers | |
---|---|---|
9 | 2 | |
366 | 1,017 | |
- | 3.1% | |
7.1 | 6.6 | |
2 months ago | 20 days ago | |
Shell | Go | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pass-tomb
-
KeePass is the free, open source, light-weight and easy-to-use password manager
By itself, Passwordstore will not encrypt file names or directory names, which might not be a problem if no one else has access to the machine that hosts your git repo, but if that's not the case (even if it's a private repo on whatever platform), you might want to use either Tomb or git-crypt-remote to have full end-to-end encryption. There are even some tools that glue tomb and pass together (https://github.com/roddhjav/pass-tomb for one), though I'm not sure what's the situation is like when it comes to mobile integration with tomb/git-crypt-remote.
- Vim: Warning: Input is not from a terminal - how to prevent with given command in script
- Clever uses of pass, the Unix password manager
-
Any self-hostable password managers worth using?
That can of course be fixed by using pass-tomb, but that isn’t implemented in mobile clients (at least not on iOS).
-
Using gpg + pass + tomb and yubikey for secrets management ?
- https://pujol.io/blog/tomb-with-gpg-keys/ - https://github.com/roddhjav/pass-tomb
- Pass: The standard Unix password manager
-
LastPass is finally a no-brainer to ditch: Bitwarden?
A plug-in called pass-tomb exists to fix this, but doesn’t work with mobile apps (a least not iOS)
docker-credential-helpers
-
Clever uses of pass, the Unix password manager
Docker supports a credential-helper module[0], which supports 4 different backends for fetching the docker registry credentials: osxkeychain, pass, wincred, and secretservice.
pass lets you use GPG-smartcards, and many of those (such as Yubikeys) will let you enforce touch-policies for signing/encruption.
As a combination of both these however, I must touch my Yubikey every time I pull a new docker image.
Another cool use-case is that I use the terraform-pass-provider to save secrets for my personal terraform project.
[0]: https://github.com/docker/docker-credential-helpers
-
Running Docker on WSL2 the right way
# Finds the latest version $ wincred_version=$(curl -fsSL -o /dev/null -w "%{url_effective}" https://github.com/docker/docker-credential-helpers/releases/latest) # Downloads and extracts the .exe $ sudo curl -fL \ "https://github.com/docker/docker-credential-helpers/releases/download/${wincred_version}/docker-credential-wincred-${wincred_version}-$(dpkg --print-architecture).zip" | zcat | sudo tee /usr/local/bin/docker-credential-wincred.exe >/dev/null # Assigns execution permission to it $ sudo chmod +x /usr/local/bin/docker-credential-wincred.exe
What are some alternatives?
gopass - The slightly more awesome standard unix password manager for teams
switch
pass-grave - An extension for pass (the standard Unix password manager) to easily hide the metadata of the password store
age - A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
Docker Compose - Define and run multi-container applications with Docker
OpenKeychain - OpenKeychain is an OpenPGP implementation for Android.
kind - Kubernetes IN Docker - local clusters for testing Kubernetes
passhole - A secure hole for your passwords (KeePass CLI)
systemd - The systemd System and Service Manager
Android-Password-Store - Android application compatible with ZX2C4's Pass command line application
lastpass-cli - LastPass command line interface tool