43032ef813ac40a46e08eda067e015fafaa1475b
Marco Ricci Import initial project files

Marco Ricci authored 10 months ago

1) # derivepassphrase
2) 
3) [![PyPI - Version](https://img.shields.io/pypi/v/derivepassphrase.svg)](https://pypi.org/project/derivepassphrase)
4) [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/derivepassphrase.svg)](https://pypi.org/project/derivepassphrase)
5) 
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

6) An almost faithful Python reimplementation of [James Coglan's `vault`][VAULT], a deterministic password manager/generator.
7) 
8) Using a master passphrase or a master SSH key, derive a passphrase for a given named service, subject to length, character and character repetition constraints.
Marco Ricci Incorporate revised wording...

Marco Ricci authored 2 months ago

9) 
10) The derivation is *strong*: derived passphrases have as much entropy as permitted by the master passphrase and the passphrase constraints (whichever is more restrictive), and even if multiple derived passphrases are compromised, the master passphrase remains cryptographically difficult to discern from these compromised passphrases.
11) The derivation is also *deterministic*, given the same inputs, thus the resulting passphrase need not be stored explicitly.
12) 
13) The service name and constraints themselves also need not be kept secret; the latter are usually stored in a world-readable file to ease repeated entry of passphrase constraints.
Marco Ricci Import initial project files

Marco Ricci authored 10 months ago

14) 
Marco Ricci Update all URLs to stable a...

Marco Ricci authored 6 months ago

15) [VAULT]: https://www.npmjs.com/package/vault
Marco Ricci Import initial project files

Marco Ricci authored 10 months ago

16) 
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

17) -----
Marco Ricci Import initial project files

Marco Ricci authored 10 months ago

18) 
19) ## Installation
20) 
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

21) ### With `pip`
22) 
Marco Ricci Include explanation for vir...

Marco Ricci authored 6 months ago

23) (If not inside a [virtual environment][VENV], use `pip install --user` instead of plain `pip install`.)
24) 
Marco Ricci Fix minor formatting detail...

Marco Ricci authored 8 months ago

25) ```` shell-session
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

26) $ pip install derivepassphrase
Marco Ricci Fix minor formatting detail...

Marco Ricci authored 8 months ago

27) ````
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

28) 
Marco Ricci Include explanation for vir...

Marco Ricci authored 6 months ago

29) To use the `export` subcommand, install the `export` extra:
30) 
31) ```` shell-session
32) $ pip install "derivepassphrase[export]"
33) ````
34) 
35) [VENV]: https://docs.python.org/3/library/venv.html
36) 
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

37) ### Manually
38) 
Marco Ricci Update package dependencies...

Marco Ricci authored 8 months ago

39) `derivepassphrase` is a pure Python package, and may be easily installed manually by placing the respective files and the package's dependencies into Python's import path.
Marco Ricci Update required Python vers...

Marco Ricci authored 5 months ago

40) `derivepassphrase` requires Python 3.9 or higher as well as the [typing-extensions package][TYPING_EXTENSIONS] for its core functionality and programmatic interface, and [`click`][CLICK] 8.1 or higher for its command-line interface.
Marco Ricci Fix omissions of `tomli` (P...

Marco Ricci authored 2 months ago

41) On Python 3.9 and 3.10 only, `derivepassphrase` additionally requires the [tomli package][TOMLI].
Marco Ricci Fix version typo in README

Marco Ricci authored 6 months ago

42) Using the `export vault` subcommand additionally requires the [cryptography package][CRYPTOGRAPHY], version 38.0 or newer.
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

43) 
Marco Ricci Fix omissions of `tomli` (P...

Marco Ricci authored 2 months ago

44) `derivepassphrase` works just fine on PyPy.
45) 
Marco Ricci Update package dependencies...

Marco Ricci authored 8 months ago

46) [TYPING_EXTENSIONS]: https://pypi.org/project/typing-extensions/
Marco Ricci Update all URLs to stable a...

Marco Ricci authored 6 months ago

47) [CLICK]: https://pypi.org/project/click/
Marco Ricci Fix omissions of `tomli` (P...

Marco Ricci authored 2 months ago

48) [TOMLI]: https://pypi.org/project/tomli/
Marco Ricci Update all URLs to stable a...

Marco Ricci authored 6 months ago

49) [CRYPTOGRAPHY]: https://pypi.org/project/cryptography/
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

50) 
51) ## Quick Usage
52) 
Marco Ricci Demonstrate config storing...

Marco Ricci authored 6 months ago

53) `derivepassphrase` is designed to principally support multiple passphrase derivation schemes, but currently only the "[vault][VAULT]" scheme is implemented.
54) 
55) Using the passphrase `This passphrase is for demonstration purposes only.` when prompted:
56) 
Marco Ricci Fix minor formatting detail...

Marco Ricci authored 8 months ago

57) ```` shell-session
Marco Ricci Reintegrate all functionali...

Marco Ricci authored 6 months ago

58) $ derivepassphrase vault -p --length 30 --upper 3 --lower 1 --number 2 --space 0 --symbol 0 my-email-account
Marco Ricci Demonstrate config storing...

Marco Ricci authored 6 months ago

59) Passphrase: 
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

60) JKeet7GeBpxysOgdCEJo6UzmP8A0Ih
Marco Ricci Fix minor formatting detail...

Marco Ricci authored 8 months ago

61) ````
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

62) 
63) Some time later…
64) 
Marco Ricci Fix minor formatting detail...

Marco Ricci authored 8 months ago

65) ```` shell-session
Marco Ricci Reintegrate all functionali...

Marco Ricci authored 6 months ago

66) $ derivepassphrase vault -p --length 30 --upper 3 --lower 1 --number 2 --space 0 --symbol 0 my-email-account
Marco Ricci Demonstrate config storing...

Marco Ricci authored 6 months ago

67) Passphrase: 
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

68) JKeet7GeBpxysOgdCEJo6UzmP8A0Ih
Marco Ricci Fix minor formatting detail...

Marco Ricci authored 8 months ago

69) ````
Marco Ricci Import initial project files

Marco Ricci authored 10 months ago

70) 
Marco Ricci Demonstrate config storing...

Marco Ricci authored 6 months ago

71) ### Storing settings
72) 
73) `derivepassphrase` can store the length and character constraint settings in its configuration file so that you do not have to re-enter them each time.
74) 
75) ```` shell-session
76) $ derivepassphrase vault --config --length 30 --upper 3 --lower 1 --number 2 --space 0 --symbol 0 my-email-account
77) $ derivepassphrase vault -p my-email-account
78) Passphrase: 
79) JKeet7GeBpxysOgdCEJo6UzmP8A0Ih
80) ````
81) 
82) ### SSH agent support
83) 
84) On UNIX-like systems with OpenSSH or PuTTY installed, you can use an Ed25519, Ed448 or RSA key from the agent instead of a master passphrase.
85) ([On Windows there are problems establishing communication channels with the agent.][#13])
86) 
87) ```` shell-session
88) $ derivepassphrase vault -k my-email-account
89) Suitable SSH keys:
Marco Ricci Use canonical test keys in...

Marco Ricci authored 3 months ago

90) [1] ssh-rsa ...feXycsvJZ2uaYRjMdZeJGNAnHLUGLkBscw5aI8=  test key without passphrase
91) [2] ssh-ed448 ...BQ72ZgtPMckdzabiz7JbM/b0JzcRzGLMsbwA=  test key without passphrase
92) [3] ssh-ed25519 ...gJIXw//Mkhv5MEwidwcakUGCekJD/vCEml2  test key without passphrase
Marco Ricci Demonstrate config storing...

Marco Ricci authored 6 months ago

93) Your selection? (1-3, leave empty to abort): 1
94) oXDGCvMhLWPQyCzYtaobOq2Wh9olYj
95) ````
96) 
97) `derivepassphrase` can store the SSH key selection in its configuration file so you do not have to re-select it each time.
98) This choice can be made either specifically for the service (in this case, `my-email-account`), or globally.
99) 
100) ```` shell-session
101) $ derivepassphrase vault --config -k  # global setting
102) Suitable SSH keys:
Marco Ricci Use canonical test keys in...

Marco Ricci authored 3 months ago

103) [1] ssh-rsa ...feXycsvJZ2uaYRjMdZeJGNAnHLUGLkBscw5aI8=  test key without passphrase
104) [2] ssh-ed448 ...BQ72ZgtPMckdzabiz7JbM/b0JzcRzGLMsbwA=  test key without passphrase
105) [3] ssh-ed25519 ...gJIXw//Mkhv5MEwidwcakUGCekJD/vCEml2  test key without passphrase
Marco Ricci Demonstrate config storing...

Marco Ricci authored 6 months ago

106) Your selection? (1-3, leave empty to abort): 1
107) $ derivepassphrase vault my-email-account
108) oXDGCvMhLWPQyCzYtaobOq2Wh9olYj
109) ````
110) 
111) [#13]: https://github.com/the-13th-letter/derivepassphrase/issues/13 "Issue 13: Support PuTTY/Pageant (and maybe OpenSSH/ssh-agent) on Windows"
Marco Ricci Fill out README and documen...

Marco Ricci authored 8 months ago

112) 
Marco Ricci Import initial project files

Marco Ricci authored 10 months ago

113) ## License
114)