📦 Pass Password Manager - Quick Reference
The Standard Unix Password Manager
Essential commands and workflows at your fingertips
Initial Setup​
gpg --full-generate-keyCreate a new GPG key (one-time setup)
pass init "email@example.com"Initialize password store with GPG key
pass git initInitialize git in password store
pass git remote add origin URLAdd remote repository for sync
pass git push -u origin mainPush to remote repository
Adding Passwords​
pass insert path/to/passwordAdd a new password (prompted to enter)
pass insert -m path/to/passwordAdd multi-line entry (password + notes)
pass generate path/to/password 24Generate random 24-character password
pass generate -n path/to/password 20Generate alphanumeric password (no symbols)
pass generate -c path/to/password 32Generate and copy to clipboard (don't display)
Viewing Passwords​
passList all passwords in tree structure
pass path/to/passwordDisplay password in terminal
pass -c path/to/passwordCopy password to clipboard (clears in 45s)
pass show path/to/passwordShow full multi-line entry
pass find keywordSearch for passwords containing keyword
pass grep "search term"Search inside decrypted password files
Managing Passwords​
pass edit path/to/passwordEdit existing password in $EDITOR
pass rm path/to/passwordRemove a password
pass mv old/path new/pathMove or rename a password
pass cp source/path dest/pathCopy a password to another location
pass rm -r folder/Remove entire folder of passwords
Git Sync​
pass git pullPull latest passwords from remote
pass git pushPush local changes to remote
pass git logView password change history
pass git statusCheck sync status
pass git diffView uncommitted changes
GPG Key Management​
gpg --list-keysList all GPG public keys
gpg --list-secret-keysList all GPG private keys
gpg --export-secret-keys email > key.ascExport GPG private key for backup
gpg --import key.ascImport GPG key on new machine
gpg --edit-key emailEdit key (use "trust" to set trust level)
Advanced Usage​
pass init -p path/ key-idRe-encrypt passwords in path with new key
pass init key1 key2 key3Encrypt for multiple GPG keys (team sharing)
pass ls subfolder/List passwords in specific subfolder
PASSWORD_STORE_DIR=~/other passUse alternate password store location
pass show -c5 path/to/passwordCopy line 5 of multi-line entry to clipboard
Important Locations​
~/.password-store/Default password store directory
~/.gnupg/GPG configuration and keys directory
~/.password-store/.gpg-idFile containing GPG key ID used for encryption
/usr/share/bash-completion/completions/passBash completion script (source in .bashrc)
Security Reminder
Always use a private Git repository for your password store, even though passwords are encrypted. Never commit your GPG private keys to the repository.
Pro Tip
Use pass -c instead of pass show to avoid displaying passwords on screen. The clipboard auto-clears after 45 seconds for security.
Common Workflows​
pass insert work/gitlab && pass git pushAdd password and immediately sync
pass git pull && pass -c personal/emailSync first, then copy password
pass find github | grep personalSearch and filter results
Troubleshooting​
gpg-connect-agent reloadagent /byeReload GPG agent after config changes
pass init "$(cat ~/.password-store/.gpg-id)"Re-encrypt all passwords with current key
cd ~/.password-store && git statusCheck for sync issues manually
Pass - The Standard Unix Password Manager