Bitwarden is a cross-platform password manager that synchronizes between platforms (desktop, phone, tablet, etc.) and browsers. Unlike many products, you can fully self-host Bitwarden.
You might enjoy reading our earlier piece on self-hosted Bitwarden.
Most people using Bitwarden need their passwords to fill in web sites and other online services. But what if you want to access your passwords on the command line, perhaps because you need server access credentials? Can do!
Installing bw
The command-line client is called ‘bw’. To install it, you need to setup the Node Package Manager:
apt install npm
Next, install the Bitwarden cli:
npm install -g @bitwarden/cli
If You’re Self-Hosted
By default, bw will try to talk to bitwarden.com (the official Bitwarden server). But if you’re self-hosted, you can configure it to talk to your server.
Type this command:
raindog308@client:~$ bw config server bitwarden.lowend.party Saved setting `config`.
Now if you look in your home directory’s .config folder, you’ll see a “Bitwarden CLI” subdirectory. In the data.json file in that directory, you’ll see that bw is configured for your server.
raindog308@client:~$ cat .config/Bitwarden\ CLI/data.json
{
"installedVersion": "1.11.0",
"environmentUrls": {
"base": "https://bitwarden.lowend.party",
"api": null,
"identity": null,
"webVault": null,
"icons": null,
"notifications": null,
"events": null,
"enterprise": null
}
}If you’re using the official bitwarden.com servers, this step is unnecessary.
Logging In
Let’s login to our server.
raindog308@client:~$ bw login ? Email address: raindog308@raindog308.com ? Master password: [hidden] You are logged in! To unlock your vault, set your session key to the `BW_SESSION` environment variable. ex: $ export BW_SESSION="xxxXXXxxx==" $ env:BW_SESSION="xxxXXXxxx==" You can also pass the session key to any command with the `--session` option. ex: $ bw list items --session xxxXXXxxx==
You can take that export statement and execute it:
$ export BW_SESSION="xxxXXXxxx=="
Now you can use various bw commands. You can also put that command in your .bash_profile and it will be executed every time you login, but be aware of the security tradeoffs.
Using bw
Let’s see what items we have in our vault. They’ll come across as easily parsable json:
raindog308@client:~$ bw list items --pretty
[
{
"object": "item",
"id": "2606ba51-8f15-42a8-a380-abe90177aa66",
"organizationId": null,
"folderId": null,
"type": 1,
"name": "lowendtalk.com",
"notes": null,
"favorite": false,
"login": {
"uris": [
{
"match": null,
"uri": "https://www.lowendtalk.com"
}
],
"username": "raindog308",
"password": "my-secret-LET-password",
"totp": null,
"passwordRevisionDate": null
},
"collectionIds": [],
"revisionDate": "2020-06-29T22:47:45.373Z"
}
]If you only want one password:
raindog308@client:~$ bw get password lowendtalk.com my-secret-LET-password
The CLI many other useful commands. For example, you get search:
bw list items --search lowend --prettyIf you install the jq package via
apt install jq
You can then parse that easily:
bw get item lowendtalk.com | jq '.login.password'You can generate passwords:
raindog308@client:~$ bw generate -ulns --length 25 Vyd6F*qhck@8*X4cFh!v9@D2r
In this example, the “-ulns” means “include upper, lower, numbers, symbols”.
The command-line docs outline many other things you can do with bw, or type bw –help for a quick overview.
Related Posts:
I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.
I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308
- Should You Change Your Windows RDP Port?Yes. - April 23, 2024
- DediRock: Not Just Dedicated Servers!They Have Cheap VPSes in Buffalo and Los Angeles, Too! - April 23, 2024
- You Don’t Want to Start a Hosting Company: A Parallel From History - April 22, 2024
Leave a Reply