Password management belongs to the command line. Deep into the Unix heartland, the shell. With Steel your passwords are safe. Steel uses AES encryption in CFB mode with 256 bit keys. Steel is simple, Steel is advanced, Steel is adaptable. Steel is the new prophet of password management.
AES in CFB mode with 256 bit keys
Uses bcrypt key derivation function with cost factor 12
Fast and lightweight, written in C
Integrates with standard Unix tools
Output is easy to parse
Supports secure deletion of databases (shredding)
Uses SQLite, easy to write data importers from other password managers
Backup and restore
Verifies data integrity (timing safe)
Manage multiple password databases with ease
Generate secure passwords
Shared library for easy GUI development
To compile Steel from the source code. It’s easy and fast. Steel depends on Libsteel library. Libsteel depends on SQLite, Mhash and Libmcrypt. Of course also GCC and GNU Make are required.
To install the dependencies on Linux Mint 17.3 and Ubuntu 14.04:
sudo apt-get install libmhash-dev libmcrypt-dev libsqlite3-dev
To install the dependencies on Archlinux:
sudo pacman -S libmcrypt mhash sqlite
To download the source code of Libsteel, it’s recommend to download the latest stable version of Libsteel which is version 1.0. Download it from here.
To download the source code of Steel, you have two choices. Either get the latest code from Gitlab or download the latest stable version of Steel. It’s recommend to get the stable version, as the development version might have bugs and it might have not been tested very well.
First you need to compile and install Libsteel. In the libsteel source directory, run:
sudo make install
Libsteel will be installed on /usr/local/lib.
After compiling and installing Libsteel, install Steel. Move to Steel source code directory and type following commands:
sudo make install
Steel will be installed on /usr/local/bin/ by default. Man page will be installed to /usr/local/share/man/man1/.
This is also available via man steel(1).
Create a new database
Open an existing database
Close open database
Add new entry to database
Add new entry to database interactively
Generate secure password
Delete an entry by id
Edit an entry data. <what> can be either “user”, “title”, “url”, “notes” or “passphrase”. For “passphrase” content is not needed.
Edit an entry interactively.
Shred database. On Cygwin, normal file remove operation is used.
Show all entries
Show database statuses
Import database backup
Show program version
Show an entry passphrase
Show an entry username
Show an entry url
Show an entry notes
Create a new database: steel –init-new “/path/to/file.db”
Open and decrypt database: steel –open “/path/to/existing/file.db”
Close and encrypt database: steel –close Steel knows what database is currently open and encrypts it. Close will ask you to type a master passphrase which is used for encryption.
Add an entry to an open database: steel –add “My new entry” “My username” “Url” “Some important notes” All fields are optional except the title field. If you don’t to insert for example an url, just empty quotes “”.
Replace url in an entry: steel –edit 4 “url” “http://www.newurl.com“
Display on passphrase of an existing entry: steel –show-passphrase 4
Remove database permanently: steel –shred-db “/path/to/existing/file.db” It’s not possible to recover shredded database, use with caution. On Cygwin shredding is not used, but normal file delete operation is used instead.
Copy passphrase to X-Window system clipboard: steel –show-passphrase 4 | xclip -selection clipboard You will need to install xclip, if it’s not already installed on your system.
Steel does not have a concept of “change master passphrase”. When you close (encrypt) an open database using –close you can type a master passphrase. This passphrase is then required to open (decrypt) the database. You can change the master passphrase everytime when you close the database, if you want to.
Note that while using xclip example above might be useful, the passphrase will be in you clipboard as plain text.
Copyright (C) 2016 Niko Rosvall <firstname.lastname@example.org>
So long as you’re comfortable with the command line, using Steel is pretty easy.
Database File Creation
To start using it, first you need to create (initialize) a database file, which will contain your passwords that you create in Steel.
steel -i myDB
This will create the file myDB in your current working directory. You can create as many database files as you want using the above command.
Encrypting/Closing the File
Next you’ll want to apply some security to the file using Steel’s close command, which will apply the encryption.
The program will then prompt you for a passphrase. Obviously use whatever you like, but like any passwords/passphrases, try to use something secure!
Opening an Encrypted/Closed File
Then, to actually start adding passwords you’ll need to tell Steel to open your database file again. This also applies to opening any “closed” database file you may have created in Steel.
steel -o myDB
Steel will prompt you for the passphrase you created for that file. Enter it correctly, Steel will now have your database file open and ready for some passwords to be added!
There’s two ways to create a new password entry in Steel. One simply uses the syntax of:
steel -a <title> <user> <url> <notes>
However, there is also an interactive mode:
steel -a -I
Steel will then prompt you for the title, the username and the URL (etc) interactively, which you may find more to your liking.
To list all entries in your database:
And to list a specific entry by ID:
steel -s <id number>
As you can see, simply listing an entry won’t automatically display the actual password (or passphrase as it is called in Steel) for that entry, most likely for security reasons. To display the password as well, use the ‘-l’ switch combined with the ‘-p’ switch like so:
steel -l -p <id number>
Deleting an Entry
Similar to listing, only replacing the ‘-s’ with ‘-d’:
steel -d <id number>
And so on and so forth.
Steel uses a sane and easily memorable syntax and there are extra commands you can play with (including using Steel to generate a password for you). I strongly recommend consulting the “man” page for Steel, where there are a full list of commands provided complete with examples.
Most importantly, once you are done adding and/or listing your saved passwords, remember to close the database file! eg.