|
|
|
@ -42,58 +42,27 @@ case the password will be asked interactively. Note: This is the |
|
|
|
Nextcloud password, *not* the vault’s password! The vault password is |
|
|
|
*always* asked interactively. |
|
|
|
|
|
|
|
The `password` field may be replaced by `password_command`, which is a |
|
|
|
command to execute to get the password. The command is expected to print |
|
|
|
the password on its standard output and to terminate with a return code |
|
|
|
of zero; if the return code is non-zero, the output is ignored and the |
|
|
|
password will be asked interactively instead. |
|
|
|
|
|
|
|
The `vault` field is the name of the vault, as chosen when creating the |
|
|
|
vault in Passman’s web interface. |
|
|
|
|
|
|
|
If several vaults share the same server settings, those settings may be |
|
|
|
described in a separate section which may then be referred to with a |
|
|
|
`server` field, as in the following example: |
|
|
|
|
|
|
|
``` |
|
|
|
[myserver] |
|
|
|
host: host.example.com |
|
|
|
user: alice |
|
|
|
password: mypassword |
|
|
|
Use |
|
|
|
--- |
|
|
|
With at least one vault configured, Pebble may then be used through the |
|
|
|
`pbl` command and its subcommands. Current available subcommands are: |
|
|
|
|
|
|
|
[default] |
|
|
|
server: myserver |
|
|
|
vault: MyVault |
|
|
|
* `list` to list credentials in the vault; |
|
|
|
* `show` to display a credential’s details; |
|
|
|
* `new` to add a new credential; |
|
|
|
* `edit` to modify a credential; |
|
|
|
* `del` to remove a credential from the vault. |
|
|
|
|
|
|
|
[second] |
|
|
|
server: myserver |
|
|
|
vault: MyAnotherVault |
|
|
|
``` |
|
|
|
In addition, the `shell` command enters an interactive mode in which |
|
|
|
subcommands can be invoked successively without quiting the program. |
|
|
|
|
|
|
|
Calling `pbl` with the `-h` option will display the general help; |
|
|
|
calling a given subcommand with the `-h` option will display the help |
|
|
|
for that subcommand. |
|
|
|
|
|
|
|
Use |
|
|
|
--- |
|
|
|
With at least one vault configured, Pebble may then be used through the |
|
|
|
`pbl` command and its subcommands. Use the `-h` option for a list of |
|
|
|
available subcommands. |
|
|
|
|
|
|
|
Pebble fetches the vault’s data and cache them locally in |
|
|
|
`$XDG_DATA_HOME/pebble`. All entries are stored encrypted. The local |
|
|
|
cache is refreshed from the server if it is more than 1 day old (or any |
|
|
|
other value set by the `max_age` option, see below), this behavior may |
|
|
|
be changed on the command line with the `--refresh` (force inconditional |
|
|
|
refresh) or `--no-refresh` options (forbid refresh even if local cache |
|
|
|
is old). |
|
|
|
|
|
|
|
Cache settings may also be changed in the configuration file, within a |
|
|
|
vault section: |
|
|
|
|
|
|
|
* The `nocache` option, if set to `true`, forbids writing the contents |
|
|
|
of a vault to disk (the cache is only kept in memory). |
|
|
|
* The `max_age` option changes the age after which the local cache is |
|
|
|
refreshed from the server. The value can be expressed as a number of |
|
|
|
seconds, or as a number of minutes, hours, or days by suffixing the |
|
|
|
number with `m`, `h`, or `d` respectively. |
|
|
|
The program will interactively for the vault passphrase when it is |
|
|
|
needed to decrypt or encrypt a credential. |
|
|
|
|
|
|
|
|
|
|
|
Copying |
|
|
|
|
