• Stars
    star
    140
  • Rank 261,473 (Top 6 %)
  • Language
    PowerShell
  • License
    MIT License
  • Created over 8 years ago
  • Updated over 6 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

PowerShell client for 1Password

1Poshword

PowerShell client for 1Password

demo

  • Cross-platform (Windows/OSX/Linux, PowerShell v4.0+)
  • agilekeychain and opvault support
  • Login, Password, Secure Note, and Generic Account decryption
  • Metadata for all entries
  • Tab completion (agilekeychain only)
  • Output formats
    • PSCredential
    • SecureString
    • Plaintext
    • Clipboard
  • Complete Get-Help documentation

Quickstart

Install from the PowerShell Gallery (Windows-only, PS v5+):

PS> Install-Module -Name 1Poshword

Direct download:

'1Poshword.psd1','1Poshword.psm1','lib.ps1','pbkdf2.cs' |% {
    Invoke-WebRequest https://raw.githubusercontent.com/latkin/1poshword/master/$_ -OutFile ./$_
}

Import-Module ./1Poshword.psd1

Get-1PEntry

Lists 1Password entries. Alias g1p.

PS> g1p

Name               Type       LastUpdated          Location
----               ----       -----------          --------
Twitter            Login      11/29/15 11:53:44 PM https://twitter.com/
Github             Login      11/29/15 11:58:12 PM https://github.com/login
Gmail - Personal   Login      11/30/15 12:11:50 AM https://accounts.google.com/ServiceLogin
Gmail - Work       Login      2/8/16 4:23:38 PM    https://accounts.google.com/ServiceLogin
SSH                Password   2/10/16 1:30:34 PM
Gmail Backup Codes SecureNote 6/8/16 8:41:44 AM
...

Details

PS> g1p twitter | fl *

Name          : Twitter
Id            : E61537A747044159BE8F2A412614C83F
VaultPath     : /Users/lincoln/Dropbox/1Password/1Password.agilekeychain
SecurityLevel : SL5
KeyId         : 
KeyData       : 
Location      : https://twitter.com/
Type          : Login
CreatedAt     : 10/27/15 8:53:36 PM
LastUpdated   : 11/29/15 11:53:44 PM
EncryptedData : U2FsdGVkX198K5razrhlihDvUrIC2FTp29PcqQpmO48MApG758vljLe+z...

Unprotect-1PEntry

Derypts a particular 1Password entry to a variety of formats. Alias 1p.

Add flag -PasswordOnly (alias -po) to output only an entry's password field.

(Yes, "unprotect" is weird, but that's the approved verb for decryption so we're going with it.)

Output Note
PSCredential Default for
  • Login
  • Generic Account
PS> 1p twitter
1Password vault password: ***************

UserName Password


LincolnAtkinson System.Security.SecureString

SecureString Default for
  • Secure Note
  • Password
PS> 1p ssh
1Password vault password: ***************

System.Security.SecureString

Plaintext
PS> 1p github -plain
1Password vault password: ***************

latkin p@ssw0rd1

Clipboard
PS> 1p 'Gmail - Personal' -clip
1Password vault password: ***************

Tips

Password-only output
# output password as SecureString
PS> 1p twitter -po

output password as plaintext

PS> 1p twitter -plain -po

copy password to clipboard

PS> 1p twitter -clip -po

Custom vault path
# at import
PS> Import-Module 1Poshword.psd1 -args <.agilekeychain or .opvault path>

per-command

PS> 1p entryname -VaultPath <.agilekeychain or .opvault path>

change default

PS> Set-1PDefaultVaultPath <.agilekeychain or .opvault path>

Specify password programmatically
PS> $p = Read-Host -AsSecureString 'Speak, friend, and enter'
Speak, friend, and enter: ***************

PS> 1p github $p -plain

latkin p@ssw0rd1

Piping
PS> g1p twitter | 1p
"Reveal" behavior
PS> 1p 'gmail backup codes' -plain | less

Thanks

1Pass, as the original inspiration for this. The first draft of 1Poshword was mostly just a transcription of 1Pass.

Medo, for the C# Pbkdf2-with-arbitrary-HMAC implementation.

AgileBits, for the excellent docs describing the opvault data format.

This project is not supported or endorsed by AgileBits. "1Password" is a registered trademark of Agile Web Solutions, Inc.