Steel – Command line password manager
5 March, 2021 by
Steel – Command line password manager

Password management belongs to the command line. Deep into the Unix heartland, the shell. With Steel your passwords are safe. Steel uses AES encryption in CFB mode with 256 bit keys. Steel is simple, Steel is advanced, Steel is adaptable. Steel is the new prophet of password management.



AES in CFB mode with 256 bit keys
Uses bcrypt key derivation function with cost factor 12
Fast and lightweight, written in C
Integrates with standard Unix tools
Output is easy to parse
Supports secure deletion of databases (shredding)
Uses SQLite, easy to write data importers from other password managers
Backup and restore
Verifies data integrity (timing safe)
Manage multiple password databases with ease
Generate secure passwords
Shared library for easy GUI development

To compile Steel from the source code. It’s easy and fast. Steel depends on Libsteel library. Libsteel depends on SQLite, Mhash and Libmcrypt. Of course also GCC and GNU Make are required.

To install the dependencies on Linux Mint 17.3 and Ubuntu 14.04:

sudo apt-get install libmhash-dev libmcrypt-dev libsqlite3-dev

To install the dependencies on Archlinux:

sudo pacman -S libmcrypt mhash sqlite

To download the source code of Libsteel, it’s recommend to download the latest stable version of Libsteel which is version 1.0. Download it from here.

To download the source code of Steel, you have two choices. Either get the latest code from Gitlab or download the latest stable version of Steel. It’s recommend to get the stable version, as the development version might have bugs and it might have not been tested very well.

First you need to compile and install Libsteel. In the libsteel source directory, run:

sudo make install

Libsteel will be installed on /usr/local/lib.

After compiling and installing Libsteel, install Steel. Move to Steel source code directory and type following commands:

sudo make install

Steel will be installed on /usr/local/bin/ by default. Man page will be installed to /usr/local/share/man/man1/.



Steel Manual

This is also available via man steel(1).


steel – command line password manager




Steel is a command line password manager for Unix like operating systems.


-i, –init-new <path>

Create a new database

-o, –open <path>

Open an existing database

-c, –close

Close open database

-a, –add <title> <user> <url> <notes>

Add new entry to database

-a, –add -I

Add new entry to database interactively

-g, –gen-pass <length> [count]

Generate secure password

-d, –delete <id>

Delete an entry by id

-e, –edit <id> <what> [new content]

Edit an entry data. <what> can be either “user”, “title”, “url”, “notes” or “passphrase”. For “passphrase” content is not needed.

-e, –edit -I <id>

Edit an entry interactively.

-R, –shred-db <path>

Shred database. On Cygwin, normal file remove operation is used.

-f, –find <search>

Search database

-l, –list-all

Show all entries

-S, –show-status

Show database statuses

-b, –backup <source> <destination>

Backup database

-B, –import-backup <source> <destionation>

Import database backup

-V, –version

Show program version

-p, –show-passphrase <id>

Show an entry passphrase

-u, –show-username <id>

Show an entry username

-U, –show-url <id>

Show an entry url

-n, –show-notes <id>

Show an entry notes

-h, –help

Show short help and exit


-w, –with-passphrases

Show passphrases in listings


Create a new database:   steel –init-new “/path/to/file.db”

Open and decrypt database:   steel –open “/path/to/existing/file.db”

Close and encrypt database:   steel –close Steel knows what database is currently open and encrypts it. Close will ask you to type a master passphrase which is used for encryption.

Add an entry to an open database:   steel –add “My new entry” “My username” “Url” “Some important notes” All fields are optional except the title field. If you don’t to insert for example an url, just empty quotes “”.

Replace url in an entry:   steel –edit 4 “url” “

Display on passphrase of an existing entry:   steel –show-passphrase 4

Remove database permanently:   steel –shred-db “/path/to/existing/file.db” It’s not possible to recover shredded database, use with caution. On Cygwin shredding is not used, but normal file delete operation is used instead.

Copy passphrase to X-Window system clipboard:   steel –show-passphrase 4 | xclip -selection clipboard You will need to install xclip, if it’s not already installed on your system.

If you want to export all entries to a file:   steel –with-passphrases –list-all > file.txt


Steel does not have a concept of “change master passphrase”. When you close (encrypt) an open database using –close you can type a master passphrase. This passphrase is then required to open (decrypt) the database. You can change the master passphrase everytime when you close the database, if you want to.

Note that while using xclip example above might be useful, the passphrase will be in you clipboard as plain text.

Steel includes -R option which shreds database files. Note that shredding is not effective on SSD disks. File will be removed, but not securely.


$HOME/.steel_open $HOME/.steel_dbs


Written by Niko Rosvall.


Copyright (C) 2016 Niko Rosvall <>


So long as you’re comfortable with the command line, using Steel is pretty easy.

Database File Creation

To start using it, first you need to create (initialize) a database file, which will contain your passwords that you create in Steel.

steel -i myDB

This will create the file myDB in your current working directory. You can create as many database files as you want using the above command.

Encrypting/Closing the File

Next you’ll want to apply some security to the file using Steel’s close command, which will apply the encryption.

steel -c

The program will then prompt you for a passphrase. Obviously use whatever you like, but like any passwords/passphrases, try to use something secure!

Opening an Encrypted/Closed File

Then, to actually start adding passwords you’ll need to tell Steel to open your database file again. This also applies to opening any “closed” database file you may have created in Steel.

steel -o myDB

Steel will prompt you for the passphrase you created for that file. Enter it correctly, Steel will now have your database file open and ready for some passwords to be added!

Adding Entries

There’s two ways to create a new password entry in Steel. One simply uses the syntax of:

steel -a <title> <user> <url> <notes>

However, there is also an interactive mode:

steel -a -I

Steel will then prompt you for the title, the username and the URL (etc) interactively, which you may find more to your liking.

Listing Entries

To list all entries in your database:

steel -l

And to list a specific entry by ID:

steel -s <id number>

As you can see, simply listing an entry won’t automatically display the actual password (or passphrase as it is called in Steel) for that entry, most likely for security reasons. To display the password as well, use the ‘-l’ switch combined with the ‘-p’ switch like so:

steel -l -p <id number>

Deleting an Entry

Similar to listing, only replacing the ‘-s’ with ‘-d’:

steel -d <id number>

And so on and so forth.

Steel uses a sane and easily memorable syntax and there are extra commands you can play with (including using Steel to generate a password for you). I strongly recommend consulting the “man” page for Steel, where there are a full list of commands provided complete with examples.

man steel

Most importantly, once you are done adding and/or listing your saved passwords, remember to close the database file! eg. steel -c