kure
Command-line password manager with AES-GCM encryption and offline operation
kure is a command-line password manager that operates entirely offline without connecting to third-party services. It encrypts each password record using AES-GCM with 256-bit keys and derives unique passwords using Argon2id. The master password is never stored on disk and is held temporarily in protected memory buffers that are destroyed after use.
The tool supports session management, allowing users to run multiple commands after entering their master password once. Sessions can be configured with timeouts and support custom script execution. kure compiles to a single binary file alongside its database, making it portable across devices.
kure runs on Linux, macOS, BSD, Windows, and mobile platforms. It stores configuration and database files in the user's home directory by default, but supports custom locations via the KURE_CONFIG environment variable. The tool requires clipboard utilities on Linux/BSD systems (xsel, xclip, wl-clipboard, or Termux:API) for clipboard operations.
Installation
# via Homebrew
brew install GGP1/tap/kure
# via Docker
docker run -it gastonpalomeque/kure sh
# via Source
git clone https://github.com/GGP1/kure && cd kure && make install
