Bitwarden is a cross-platform password manager that synchronizes between platforms (desktop, phone, tablet, etc.) and browsers. Unlike many products, you can fully self-host Bitwarden.
You might enjoy reading our earlier piece on self-hosted Bitwarden.
Most people using Bitwarden need their passwords to fill in web sites and other online services. But what if you want to access your passwords on the command line, perhaps because you need server access credentials? Can do!
Installing bw
The command-line client is called ‘bw’. To install it, you need to setup the Node Package Manager:
apt install npm
Next, install the Bitwarden cli:
npm install -g @bitwarden/cli
If You’re Self-Hosted
By default, bw will try to talk to bitwarden.com (the official Bitwarden server). But if you’re self-hosted, you can configure it to talk to your server.
Type this command:
raindog308@client:~$ bw config server bitwarden.lowend.party Saved setting `config`.
Now if you look in your home directory’s .config folder, you’ll see a “Bitwarden CLI” subdirectory. In the data.json file in that directory, you’ll see that bw is configured for your server.
raindog308@client:~$ cat .config/Bitwarden\ CLI/data.json { "installedVersion": "1.11.0", "environmentUrls": { "base": "https://bitwarden.lowend.party", "api": null, "identity": null, "webVault": null, "icons": null, "notifications": null, "events": null, "enterprise": null } }
If you’re using the official bitwarden.com servers, this step is unnecessary.
Logging In
Let’s login to our server.
raindog308@client:~$ bw login ? Email address: raindog308@raindog308.com ? Master password: [hidden] You are logged in! To unlock your vault, set your session key to the `BW_SESSION` environment variable. ex: $ export BW_SESSION="xxxXXXxxx==" $ env:BW_SESSION="xxxXXXxxx==" You can also pass the session key to any command with the `--session` option. ex: $ bw list items --session xxxXXXxxx==
You can take that export statement and execute it:
$ export BW_SESSION="xxxXXXxxx=="
Now you can use various bw commands. You can also put that command in your .bash_profile and it will be executed every time you login, but be aware of the security tradeoffs.
Using bw
Let’s see what items we have in our vault. They’ll come across as easily parsable json:
raindog308@client:~$ bw list items --pretty [ { "object": "item", "id": "2606ba51-8f15-42a8-a380-abe90177aa66", "organizationId": null, "folderId": null, "type": 1, "name": "lowendtalk.com", "notes": null, "favorite": false, "login": { "uris": [ { "match": null, "uri": "https://www.lowendtalk.com" } ], "username": "raindog308", "password": "my-secret-LET-password", "totp": null, "passwordRevisionDate": null }, "collectionIds": [], "revisionDate": "2020-06-29T22:47:45.373Z" } ]
If you only want one password:
raindog308@client:~$ bw get password lowendtalk.com my-secret-LET-password
The CLI many other useful commands. For example, you get search:
bw list items --search lowend --pretty
If you install the jq package via
apt install jq
You can then parse that easily:
bw get item lowendtalk.com | jq '.login.password'
You can generate passwords:
raindog308@client:~$ bw generate -ulns --length 25 Vyd6F*qhck@8*X4cFh!v9@D2r
In this example, the “-ulns” means “include upper, lower, numbers, symbols”.
The command-line docs outline many other things you can do with bw, or type bw –help for a quick overview.
Related Posts:
- LowEndBoxTV: Free Power Toys for Your Linux Server! - October 4, 2024
- Happy Halloween from MangoMail!Get 3 Months FREE Email Hosting on New Signups! - October 3, 2024
- LowEndBoxTV: Stop Losing Your WordPress Data! Backup Your WordPress Easily for FREE! - October 2, 2024
Leave a Reply