mkpasswd

command module
v0.0.0-...-6703954 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 17, 2022 License: Apache-2.0 Imports: 1 Imported by: 0

README

mkpasswd

CLI tool for generating and managing versions of passwords on Google secret manager.

disclaimer

The use of this tool does not guarantee password security or suitability for any particular use. Please review the code and use at your own risk.

installation

This step assumes you have Go compiler toolchain installed on your system.

Download the code to a folder and cd to the folder, then run

go install

Install shell completion. For instance bash completion can be installed by adding following line to your .bashrc:

source <(mkpasswd completion bash)

Create a Google cloud project and activate Secrets Manager API. Also create a service account key and then export following two variables after replacing the values to your setup:

GOOGLE_PROJECT_ID=your-project-id
GOOGLE_APPLICATION_CREDENTIALS=service-account-file-path.json

generate passwords

Passwords are named entities that have versions. A new password version can be generated as follows:

mkpasswd gen
                  NAME                       PASSWORD       VERSION  
---------------------------------------+------------------+----------
  92c90d2e-6487-4ae1-9c45-457e50b61143   82N=.y`TXk1uvc4l         1

Alternatively, a specific name can be provided

mkpasswd gen --name=my-passwd
    NAME          PASSWORD       VERSION  
------------+------------------+----------
  my-passwd   IwC9j^hPJ5%t0:v2         1

Please note that the password name, once created, cannot be changed later

As you can see, if the named password does not already exist, it's version will be at 1. Issuing the same command again using an existing named password will generate a new version:

mkpasswd gen --name=my-passwd
    NAME          PASSWORD       VERSION  
------------+------------------+----------
  my-passwd   4Sj7|)q25KRW!PAt         2  

mkpasswd gen --name=my-passwd
    NAME          PASSWORD       VERSION  
------------+------------------+----------
  my-passwd   1%:4BY}E9ouUyqj7         3

Password length, use of symbols, digits and uppercase letters etc. can be configured.

For instance, an all numeric password can be generated as follows

mkpasswd gen --length=10 --num-digits=10 --num-symbols=0
                  NAME                    PASSWORD    VERSION  
---------------------------------------+------------+----------
  a826bf6d-4465-4cf2-8630-e7c6bac2f05a   6847301925         1

Similarly, a password with only alphabetical letters can be generated as follows:

mkpasswd gen --length=10 --num-digits=0 --num-symbols=0
                  NAME                    PASSWORD    VERSION  
---------------------------------------+------------+----------
  dd9f7830-ec3b-4d27-8f4e-cff6b63220a2   SewMLIrobf         1

Use of uppercase letters can be switched off as well:

mkpasswd gen --length=10 --num-digits=0 --num-symbols=0 --no-uppercase 
                  NAME                    PASSWORD    VERSION  
---------------------------------------+------------+----------
  cebf81b1-6cfa-492f-991f-2fab07e4ed30   mjcofyvrlt         1

And use of repeating characters can be allowed:

mkpasswd gen --length=20 --num-digits=0 --num-symbols=0 --no-uppercase --allow-repeat 
                  NAME                         PASSWORD         VERSION  
---------------------------------------+----------------------+----------
  188c3b2e-d42e-454f-8e50-40564e058f27   xsobdtkkdqoiwepubodd         1

retrieve passwords

Stored passwords can be listed:

mkpasswd list
                  NAME                  
----------------------------------------
  188c3b2e-d42e-454f-8e50-40564e058f27  
  92c90d2e-6487-4ae1-9c45-457e50b61143  
  a826bf6d-4465-4cf2-8630-e7c6bac2f05a  
  cebf81b1-6cfa-492f-991f-2fab07e4ed30  
  dd9f7830-ec3b-4d27-8f4e-cff6b63220a2  
  my-passwd

And any particular password value can be fetched, which always fetches the latest version of the named password

mkpasswd get 188c3b2e-d42e-454f-8e50-40564e058f27
                  NAME                         PASSWORD         VERSION  
---------------------------------------+----------------------+----------
  188c3b2e-d42e-454f-8e50-40564e058f27   xsobdtkkdqoiwepubodd         1

A specific version can be fetched using --version flag:

mkpasswd get my-passwd --version=2
    NAME          PASSWORD       VERSION  
------------+------------------+----------
  my-passwd   4Sj7|)q25KRW!PAt         2

delete password

When a named password is deleted, all versions of secret material are deleted forever.

Please use caution when using this command

mkpasswd delete 188c3b2e-d42e-454f-8e50-40564e058f27

The above command will ask for confirmation, however, --force option can be used to skip the confirmation and delete the secret without any confirmation.

mkpasswd delete 188c3b2e-d42e-454f-8e50-40564e058f27 --force

Documentation

Overview

Copyright © 2022 kubetrail.io authors

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Source Files

View all Source files

Directories

Path Synopsis
pkg
flags
run

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.