qpm provides basic, password protected, secret storage and management. It can store, for example, a collection of passwords all protected by a single master password.
qpm relies on gocryptfs for cryptography, and basic tools such as find(1) and tree(1).
Data is stored in a gocryptfs mount. Each entry is a directory with files (i.e. SECRET, URL, etc). The higher level directory structure organizes entries into groups.
qpm reads/writes passwords via standard input/output allowing you to build flexible and powerful management tools.
Read its source code to see how it works.
Qubes-os features
Give top-level group the same name as an appvm Qube. i.e. `qpm add -url https://gmail.com personal/gmail
Use
qpm appvm <vm-name> <entry>
to open the URL in the appvm Qube, and copy the secret to the appvm's clipboard. i.e.qpm appvm gmail
Note this feature requires additional dependences in the appvm template.
/etc/qubes-rpc/qpm.ClipOpenURL
to open a URL and paste to clipboard.
Also gocopy
, which depends on xsel
(recommended) or xclip
. See
etc/qubes-rpc/qpm.ClipOpenURL
comments for install details.