pwsafe man page

pwsafe — commandline password database utility compatible with Counterpane's Passwordsafe


pwsafe [options] command [arg]


pwsafe manipulates Counterpane Passwordsafe username/password databases.

It is compatible with Counterpane Passwordsafe 1.9.x and 2.0 databases.


pwsafe accepts the following commands:

Create a new database.
Export database as text.
Merge DATABASE_FILE into database. Common entries are merged interactively.
Change the database's passphrase.
List all [matching] entries in database. If -u or -p is given then REGEX must match only one entry, and only the requested field(s) are emitted.
-a, --add[=NAME]
Add an entry to database.
-e, --edit=REGEX
Edit an entry.
Delete an entry from database.

If no command is given, an interactive mode is entered.


pwsafe accepts the following options:

-f, --file=DATABASE_FILE
Specify the database to manipulate. Default is $HOME/.pwsafe.dat
Specify the database's version. Default is 2.
-I, --case
REGEX is case-sensative. Any uppercase character in REGEX implies --case.
Show login and notes in list output.
-u, --username
Show username of listed account(s).
-p, --password
Show password of listed accounts(s).
-E, --echo
Force echo'ing of entry to stdout. This is selected by default if $DISPLAY is not set.
-o, --output=FILE
Redirect username and password output to FILE. Implies --echo.
-x, --xclip
Force copying of username and password to X clipboard. This is selected by default if $DISPLAY is set.
-d, --display=XDISPLAY
Override $DISPLAY. Implies --xclip.
-s, --selection={Primary,Secondary,Clipboard,Both}
Select the X selection effected. Default is Both primary and clipboard. Implies --xclip.
-G, --ignore=NAME@HOST
Add NAME to windows or hosts that do not receive the selection. If just NAME is given it matches any host, and if just @HOST is given it matches any name.
-v, --verbose
Print more information.
-q, --quiet
Print less information. In fact, print only exactly what was requested.
-h, --help
Show summary of options.
-V, --version
Show version of program.


Default database file. If this is a relative path it is assumed to be relative to $HOME. Defaults to ".pwsafe.dat". Overridden by -f.
Default user. Defaults to $USER or $LOGNAME.
Overrides built-in --ignore list. --ignore overrides. Format is a list of --ignore arguments, seperated by colons (':').
Used to locate the default database "~/.pwsafe.dat" and default RANDFILE "~/.rnd".
Used to locate the random number generator entropy pool file. Defaults to "$HOME/.rnd".


The password database.
Backup of database.
Random number generator's entropy pool.


Use a good password for your database.

Don't use pwsafe over telnet or from untrusted terminals.

To seed RANDFILE decently, do something like
md5sum /var/log/* >~/.rnd


For those who can't read the rest of this file:

Create $HOME/.pwsafe.dat.
pwsafe --createdb
Add an entry named 'test'.
pwsafe -a test
Copy username and password of 'test' to console or X clipboard & primary selection.
pwsafe -up test
Upgrade a version passwordsafe version 1.7 database to version 2.0 (we do this by merging it with itself, but specifying version 2 output)
pwsafe --mergedb $HOME/.pwsafe.dat --dbversion 2


Nicolas S. Dade <ndade@nsd.dyndns.org>.

Reporting Bugs

Report bugs to <ndade@nsd.dyndns.org>.

See Also

http://passwordsafe.sourceforge.net/, http://www.counterpane.com/


Nicolas S. Dade <ndade@nsd.dyndns.org> 0.2.0