Passage on macOS

These notes represent my initial experience using Passage on macOS.

If you have any familiarity with the classic Unix or Linux based password manager pass by Jason Donenfeld, then Passage will feel familiar. Passage works like pass, but uses age for file encryption.

Prerequisites

  • Homebrew installed

  • GNU getopt installed

    brew install gnu-getopt

  • tree installed (passage displays managed secrets as a tree)

    brew install tree

  • A working development environment for building Go based software.

  • age, the required file encryption format installed.Install age with Homebrew:

    brew install age

Install Passage from source code

You can install Passage from source code in its GitHub repository.

  1. Clone the repository.

    git clone https://github.com/FiloSottile/passage

  2. Change into the repository directory.

    cd passage

  3. Build the software so that Homebrew can install and link it.

    make install PREFIX="$(brew --cellar)/passage/$(git describe --tags)"

  4. Link the executable with brew.

    brew link passage

Configure Passage

You can configure Passage by creating a secret storage directory and an age identity.

  1. Create the Passage storage directory.

    mkdir -p $HOME/.passage/store

  2. Create the identity. In this example, you create a simple identity file suitable for local storage only, without password protection or security key association. You can explore those features as you dive deeper into Passage.

    age-keygen >> $HOME/.passage/identities

  3. Consult the Passage documentation for details on adding password protection or using a Yubikey with your age identities.

Write your first secret

With your storage and identity created, go ahead and create a test secret.

passage insert test-secret

Passage should prompt you for the password value for the test-secret secret:

Enter password for test-secret:

Passage should prompt you once again for the password:

Retype password for test-secret:

Read the secret

passage test-secret
<PLAINTEXT_PASSWORD>

Copy the secret value to your clipboard.

passage -c test-secret

Passage informs you that it copied the password to the clipboard, and made it available for a limited time. After this time, the password gets cleared from the clipboard.

Copied test-secret to clipboard. Will clear in 45 seconds.
#CLI #Cryptography

Read Next

Run OpenStep 4.2 Intel

My notes for emulating a classic retro 90s operating system on an Intel Mac with VirtualBox.

Command line snippets

I'd like to share with you some details about a command line interface (CLI) tool that I enjoy using to curate my collection of complex and seldom used but powerful CLI snippets and one-liners.