16 comments

[ 5.5 ms ] story [ 53.6 ms ] thread
Creator here! I'd love any comments if anyone has them. This project is particularly useful for me so I was hoping others would find great use for it as well :)
> The README says 'Better security now that you > can have a different password for every server > if you'd like'.

Can you explain a bit more about your situation? I'd expect most people managing a lot of servers to be using a single LDAP account for login plus SSH passwordless logins - or are these servers maintained by external companies?

Two examples from my life:

For machines that I manage that are hosted by 3rd party VM providers I always use a separate root password. If the provider is compromised an attacker could modify the disk image I'm running from (say, with a modified /bin/su) and I don't want that to spread to other machines.

In the distant past when I was doing consulting I used to have passwords for multiple different clients. Obviously they need to be kept separate.

Since 1password only runs on OS X and Windows, I'm curious why you're optimistic about doing something about Linux ("yet") but merely took a shot at Windows in your README. This might surprise you, but a significant portion of the non-valley world works on Windows, and it's fairly frustrating for Windows admins (I used to be one) to come across a neat tool and get "sucks for you, better luck next time" in your documentation.

Normally I wouldn't say anything but 1password runs on Windows, not Linux, so it was odd to come across and, if I'm honest, made me lose a small amount of interest in your work.

You make an excellent point. I did not, in any way intend to offend Windows users. I was merely trying to be "tongue-and-cheek"-y with my comment. Really, I wouldn't know how to make this work well for an admin on windows. Last I used windows to SSH I was using putty, but that was back in 2005. I have since completely moved from using Windows to *nix systems.

As far as Linux support goes, I had planned to take a stab at writing a tmux plugin so that could potentially get me in the door to supporting Linux.

All that said, I am updating my README to address some of these concerns. Thanks so much for the great feedback!

1. Has it been tested with the brand new (yosemite-only) 1Password 5.0?

2. I hope that you'll expand the installation options. Not everybody uses homebrew.

1) Not yet. I plan on doing that within a week. Hopefully tonight if possible.

2) Great point, I will outline how to install from the zip and from source.

The name is bit odd considering that it seems far more general than just for sudo. Otherwise, neat idea; I might do something similar for urxvt and keepass (or pass)
Great point! I mulled over this for a while, but couldn't come up with a general name that was adequately light-hearted for me. Originally, I named the project `termpass` an obvious portmanteau on terminal and 1password (or I guess just password). That name seems pretty stale though. `sudolikeaboss` just seemed like a fun name that was particularly direct about the core use-case for which it was designed.
So this is a redo of https://github.com/georgebrock/1pass ?

Which was just featured on HN just before the time your repo got started, it looks like. His post was here 9 days ago, your repo has been around for 8 days.

Why not give credit, if it's inspired by that? You make it sound like you created this whole idea.

@natch, I actually saw that and thought it was the same thing I was building. So I thought someone beat me to the punch.

The projects look similar, but georgebrock/1pass is a CLI to 1password db itself. It doesn't do anything to render the UI or anything like that. With sudolikeaboss, I don't actually decrypt any of the password data stored on your machine. I actually call to the undocumented API for the local 1password daemon. So it took a small amount of reverse engineering to get to this point.

In terms of age, I have actually been using a prototype of sudolikeaboss, written in Node, for several weeks.

Hope that is clear! I wouldn't ever want to say I'm using someone else's idea! I think georgebrock's 1pass is an awesome project. I also intend to port it to Go at some point. When that is done, I promise I won't say it's my own work. :)

Asking questions about the project is great, but there is no need to jump to conclusions and imply that the author is being disingenuous.