Cette page est affichée en anglais. Une traduction française est en cours.
ScriptsMay 24, 2026·2 min de lecture

gopass — Team Password Manager for the Command Line

A rewrite of the UNIX pass password manager in Go with team sharing, browser integration, and multi-store support built in.

Prêt pour agents

Installation agent prête

Cet actif peut être installé après choix du runtime, vérification du plan et exécution de la commande adaptée.

Native · 98/100Policy : autoriser
Surface agent
Tout agent MCP/CLI
Type
Skill
Installation
Single
Confiance
Confiance : Established
Point d'entrée
gopass Overview
Commande d'installation directe
npx -y tokrepo@latest install 7bdab36b-576b-11f1-9bc6-00163e2b0d79 --target codex

À exécuter après confirmation du plan en dry-run.

Introduction

gopass extends the UNIX pass password manager with team collaboration, multiple backends, and a more robust CLI. It stores secrets as GPG-encrypted files in Git repositories, enabling version-controlled, auditable secret management.

What gopass Does

  • Stores secrets as GPG-encrypted files organized in a directory hierarchy
  • Syncs password stores via Git for team sharing and version history
  • Supports multiple mount points to separate personal and team stores
  • Generates random passwords with configurable length and character sets
  • Integrates with browsers via the gopass-bridge extension

Architecture Overview

gopass encrypts each secret with one or more GPG public keys and stores the ciphertext in a Git repository. Multiple stores can be mounted under a unified namespace. The tool supports age as an alternative to GPG for encryption. Recipients are managed per subtree, allowing granular access control within a shared store.

Self-Hosting & Configuration

  • Install via Homebrew, system packages, or from source with go install
  • Initialize with gopass init to create a store linked to your GPG key
  • Add team members with gopass recipients add <GPG-ID>
  • Mount additional stores with gopass mounts add team /path/to/repo
  • Configure the age backend as a lighter alternative to GPG

Key Features

  • Multiple encryption backends: GPG and age
  • Git-based sync with automatic push and pull
  • Per-subtree recipient management for fine-grained access control
  • REPL mode for interactive secret browsing
  • YAML and key-value structured secret support

Comparison with Similar Tools

  • pass — the original UNIX password manager; gopass adds team features, mounts, and age support
  • Bitwarden/Vaultwarden — server-based; gopass is fully decentralized via Git
  • HashiCorp Vault — enterprise secret management; gopass is a lightweight developer-focused alternative
  • 1Password CLI — commercial; gopass is open source with no subscription

FAQ

Q: Can gopass replace pass? A: Yes. gopass is backwards-compatible with pass and can use existing pass stores.

Q: How does team sharing work? A: Secrets are encrypted for multiple GPG keys. Adding a recipient re-encrypts all secrets they should access.

Q: Does gopass support 2FA/TOTP? A: Yes. Store TOTP secrets and retrieve codes with gopass otp.

Q: What platforms does gopass support? A: Linux, macOS, and Windows. Browser extensions work with Chrome and Firefox.

Sources

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires