by sprin
3894 days ago
Thanks for sharing your project. What other CLI password managers did you review, and in what ways did you want Steel to be different?

I noticed that, after being opened, the SQLite database appears to be stored on disk unencrypted, and must be manually re-encrypted with the "close" command. I think most password managers attempt to ensure that the unencrypted database is only ever in physical memory.

The interface uses pipable commands rather than an interactive shell. The reason given is so that it can integrate with other standard Unix tools. This means that the entry context must be supplied for every command, in this case by id. Another side-effect of the pipable command interface is that using the "replace" command to change the passphrase will echo the passphrase to the screen and leave that passphrase in the shell history.

The manual gives an example of piping to another utility:

steel --show-passphrase 4 | xclip -selection clipboard

However, this seems a bit awkward for such a common task. Why not integrate xclip into Steel?
(The database is also encrypted as long as possible and only decrypted on demand. Yes, it lacks a "clear clipboard" mode and shouldn't be written in Python, but other than that it addresses all the criticism this solution gets… Maybe I should give it a fancy bootstrapped homepage with an .io domain to gain attention.)