How to Use Pass: A Text-Based Password Manager for Linux

Learn how to use pass, a text-based password manager, on Ubuntu Server and Fedora-based distributions. Securely store and manage your passwords from the command line.

Linux Pass: A Text-Based Password Manager

Once you get the hang of pass, you’ll find it to be an outstanding option for those machines that don’t include a GUI but still need a password manager. Pass is a text-based password manager that stores all of your entries in the PGP-encrypted text file, ~/.password-store. The pass command gives you access to adding, editing, generating, and retrieving your stored passwords and can even temporarily add a password to your clipboard and track password changes with git. Pass is handy and something you’ll want to have at the ready.

What You’ll Need

I’m going to demonstrate this on Ubuntu Server 22.04, but pass is also available for Fedora-based distributions. The only difference is the installation command. You’ll also need a user with sudo privileges for the installation and a PGP key generated and stored on the machine.

Installing Pass

The first step is installing pass. Log in to your Ubuntu server and issue the command:

sudo apt-get install pass -y

If you’re using a Fedora-based machine, the command will be:

sudo dnf install pass -y

Generating Your PGP Key

Next, you need to generate a PGP key that will be used with pass. To do this, go back to the terminal and issue the command:

gpg --gen-key

Answer the required questions to complete the process. One of the questions asked will be to require you to type an email address to associate with the key.

Setting up Pass

With your PGP key at the ready, it’s time to initialize pass with the command:

pass init EMAIL

Where EMAIL is the email address you associated with your PGP key. This will create a new password store and initialize it for the email address.

Using Pass

With everything ready, it’s time to create your first entry into your pass password store. Let’s say you want to add a password for Facebook. To do that, we’re going to not only create an entry for Facebook but also a folder to house Social networking sites. For that, the command would be:

pass insert SOCIAL/Facebook

You’ll be prompted to type a password for the Facebook entry. If you wanted to associate a username with that account, you could do something like this:

pass insert SOCIAL/Facebook/USERNAME

When you want to view the password for the account, issue the command:

pass show SOCIAL/Facebook/USERNAME

To successfully view the password, you’ll have to type the passphrase associated with the GPG key used to initialize the password store.

Integrating Pass with Git

Pass can integrate with Git. To do this, you must first set git global configurations like this:

git config --global user.email "EMAIL"
git config --global user.name "NAME"

This will initialize a git repository within your pass password store. This git repository can then be cloned onto other machines, using git, and as long as you keep the repositories in sync, you’ll always have access to your updated passwords.

If you’ve ever needed a command line password manager, pass is what you need. Once you get the hang of how it’s used, you’ll find it to be an outstanding option for those machines that don’t include a GUI but still need the convenience of a password manager.