# webpass **Repository Path**: mirrors_emersion/webpass ## Basic Information - **Project Name**: webpass - **Description**: A web interface for pass, a UNIX password manager - **Primary Language**: Unknown - **License**: MIT - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2020-11-24 - **Last Updated**: 2026-07-05 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # webpass A web interface for [pass](https://www.passwordstore.org/), a UNIX password manager. ## Usage ```shell go get -u github.com/emersion/webpass/... cd $GOPATH/src/github.com/emersion/webpass npm install gpg --export-secret-keys > private-key.gpg webpass ``` Go to http://localhost:8080. You'll be first asked for your login password. Once logged in, a list of your passwords is displayed. When you click on an item, your PGP key password will be prompted and the password will be displayed. You can now setup an HTTPS reverse proxy to webpass. You can also choose not to store your encrypted PGP private key on the server, in this case you'll have to carry it with you e.g. on a USB stick. ## Configuration Create `config.json`: ```json { "auth": { "type": "git", "url": "git@git.example.org:user/pass-store.git", "privatekey": "/home/user/.ssh/id_rsa" }, "pgp": { "privatekey": "private-key.gpg" } } ``` * `auth`: configures authentication. `auth.type` must be one of: * `none`: no authentication. You should configure HTTP authentication with a reverse proxy for instance. * `pam`: uses the current user's account. * `git`: uses a remote Git repository, which is cloned in memory when logging in. The repository's URL must be specified with `auth.url`, and a SSH private key can be specified with `auth.privatekey`. * `pgp`: configures OpenPGP * `pgp.privatekey`: path to your OpenPGP private key. If not specified, your private key will be requested when decrypting a password. ## Security Once logged in, the encrypted PGP key and the encrypted passwords will be served by the API. The PGP key password won't be sent to the server, since the passwords are decrypted client-side. ## License MIT