A rofi-wayland frontend for ZX2C4 pass project. The original repo is not very actively maintained to i decided to give it a go.
Main goal - provide frontend for pass, while keeping it a small, readable single-file script.
Password entry submenu:
Features:
- Create / Read / Update / Delete / move / copy password store entries
- Generate new passwords for entries
- Copy / type individual fields (or autotype based on
autotype
field) of selected entry - Support for different password store roots (e.g. personal & work)
- Open URLs of entries with hotkey
- Generate and display QR code directly in rofi (qrencode needed).
- Generate and autotype in OTPs
- Extensive configuration (see ./config.example)
- Clean codebase, linted with shellcheck and formatted with shfmt
Use default binding Alt+h
to see available bindings. And pass --help | -h
flag to
this script to see all available flags.
- ZX2C4 pass
- rofi-wayland
- wtype
- wl-clipboard
- qrencode (optional: for generating and displaying pass qrcode)
- pass-otp (optional: for OTPs)
Install from AUR (rofi-pass-wayland-git) or copy rofi-pass
script to dir in your
$PATH
. Script has all needed defaults, but if you want to customise further you
can pass your config to the script with one of the following ways:
$HOME/.config/rofi-pass/config
ROFI_PASS_CONFIG="/path/to/config"
env var.
See example configuration in config.example file.
Default autotype value is user :tab pass
. In case you don’t have user:
field in your password file it will take value of default_user
from your
config (defaults to output of command whoami
). Or you can set
default_user
to :basename
and autotype will always type basename of
password file as username. (i.e. for foo/bar/site.com/jack
it will type
jack
as username)
Example of password store file with autotyping of more than one field, using the
autotype
entry:
# mail/gmail/[email protected]
de_password
user: MyUser
SomeField: foobar
AnotherField: barfoo
url: http://my.url.foo
# self-explanatory - :tab, :space (might be useful for checkboxes), :enter
# :delay / :sleep - sleep before proceeding further
# :otp / otp - generate and type an OTP
# path - fill in path of that password entry (in this case
# mail/gmail/[email protected])
autotype: SomeField :tab user :tab AnotherField :tab pass :space :enter
The format for OTPs should either compatible with pass-otp(1)
-
otpauth://[...]
.
Or it should define a method for generating OTPs:
otp_method: /opt/obscure-otp-generator/oog --some-option some args
To access passwords your GPG agent needs to have unlocked your secret key you’re
using to encrypt your passwords with. If the secret key hasn’t been unlocked yet
it will prompt for the secret key password using pinentry
. If pinentry
is
configured to read from a tty
then rofi-pass
will hang indefinitely. To fix this
you need to configure gpg to use a gui version of pinentry
. Afterwards you may
have to kill the GPG agent if it’s still in a bad state: killall -9 gpg-agent
.
If you have ‘notify’ option set to false
in config (it’s a default) you might
sometimes just not see some ‘Failure’ messages and just see the script silently
exiting after you tried some action.
The script isn’t aiming to cover and display all even most obvious user errors, like not initialized password store in given directory or just non-existant dir. Try running this script form console directly and see displayed errors.