Kure is a free and open-source password manager for the command-line.
This project aims to offer the most secure and private way of operating with sensitive data on the terminal, as well as providing a feature-rich and interactive interface to make the user experience simple and enjoyable.
- Cross-Platform: Linux, macOS, BSD and Windows supported.
- Offline: Data is handled locally, no connection is established with 3rd parties.
- Secure: Each record is encrypted using AES-GCM 256-bit and a unique password. Furthermore, the user's master password is never stored on disk, it's encrypted and temporarily kept in-memory inside a protected buffer, decrypted when it's required and destroyed immediately after it. The key derivation function used is Argon2 with the id version.
- Easy-to-use: Extremely intuitive and does not require advanced technical skills.
- Portable: Both Kure and the database compile to binary files and they can be easily carried around in an external device.
- Multiple formats: Store entries, cards and files of any type.
Linux, macOS, BSD and Windows pre-compiled binaries can be found here.
brew install GGP1/tap/kure
scoop bucket add GGP1 https://github.com/GGP1/scoop-bucket.git scoop install GGP1/kure
scoop install https://raw.githubusercontent.com/GGP1/scoop-bucket/master/bucket/kure.json
-v <volume-name>:/root/.kureto persist the data on the host machine.
Mount your database and configuration file to the container using bind mounts:
-v /path/to/data:./root/.kure. Any write into the bind mount will be propagated back to the Docker host.
docker run -it gastonpalomeque/kure sh
Compìle from source
git clone https://github.com/GGP1/kure cd kure make install
Out-of-the-box Kure needs no configuration. It sets default values, creates the configuration file and the database at:
- Linux, BSD:
However, you may want to store the configuration file elsewhere or use a different one, this can be done by setting the path to it in the
KURE_CONFIG environment variable.
Moving forward to the configuration file itself, in it we can specify the clipboard and session timeouts, the location of the database (if it doesn't exist it will be automatically created), the argon2 parameters, the editor used and whether or not a keyfile is required. Head over configuration for further details.
Paths inside the file must be absolute.
Formats supported: JSON, TOML, YAML. Samples.
- Linux, BSD: xsel, xclip, wl-clipboard or Termux:API add-on (termux-clipboard-get/set) to write to the clipboard.
- macOS: none.
- Windows: none.