Caching Password passer

xrayspx's picture

Similar to the RDP Launcher, I occasionally need to grab passwords that I use all the time from KeePassXC to paste into various forms or prompts. Basically anything I use more than once per day, I have defined in this script for quick access. I don't want to be able to remember these, and I also don't want to have to interact with the password manager UI if I'm in a shell.

So this is a wrapper for the KeePassXC command line tool that will retrieve a password and copy it to your copy-buffer ready to paste out. It's pretty useful when used with a drop-down terminal such as Yakuake on Linux or iTerm on a Mac.

Access to KeePassXC is managed through a password stored in a GPG encrypted file. This allows me to cache my GPG password (default is 10 minutes), and so I have a window where I don't have to keep re-authenticating and the only thing I ever have to type is the password for GPG.

$ cat bin/passer
#! /bin/bash

#kppath="~/Cloud-Sync/keepassdb.kdbx"
kppath="~/Nextcloud/kees/keep.kdbx"

os=`uname -s`
echo "Enter KeepassXC Passphrase:"

if [ "$os" = "Linux" ]
then
kpcmd="keepassxc.cli"
elif [ "$os" = "Darwin" ]
then
kpcmd="keepassxc-cli"
elif [ "$os" = "CYGWIN_NT-10.0" ]
then
kpcmd="keepassxc.cli"
kppath="c:\\cygwin64\\home\\username\\Cloud-Sync\\keepassdb.kdbx"
fi

kpass=$(GPG_AGENT_INFO="" gpg -q -d ~/bin/kp.gpg)

pw=$1

echo "$pw"

if [ "$pw" = "login" ]
then
pass=$(echo $kpass | $kpcmd show -s $kppath domain-user | grep "Password:" | awk -F "Password: " '{print $2}')

elif [ "$pw" = "cc" ]
then
pass=$(echo $kpass | $kpcmd show -s $kppath creditcard-credentials | grep "Password:" | awk -F "Password: " '{print $2}')

elif [ "$pw" = "bank" ]
then
pass=$(echo $kpass | $kpcmd show -s $kppath bank-credentials | grep "Password:" | awk -F "Password: " '{print $2}')
fi

if [ "$os" = "Linux" ]
then
export DISPLAY=:0; echo $pass | xclip -selection clipboard

elif [ "$os" = "Darwin" ]
then
echo $pass | pbcopy
elif [ "$os" = "CYGWIN_NT-10.0" ]
then
echo $pass | clip
fi

err=`echo $?`
if [ $err -gt 0 ]
then
echo $pass
fi