Open Sourced LastPass Command Line Application Now Available

There’s big news here at LastPass! We’ve released and open sourced a new command line client application. Whether you work as a developer, or in IT operations, or are just a tech-savvy LastPass user, our command line application makes it easier for you to get to data stored in LastPass on the terminal on Mac, Linux, and Windows under Cygwin.

The LastPass command line application brings both better security and convenience by allowing you to access, add, modify, and delete entries in your online LastPass vault, all from the terminal. You can also generate passwords for every server you use and securely store those passwords directly in LastPass. LastPass Enterprise features are supported as well, including Shared Folders. 

Diving Into the Details

Users who prefer the command line can access their data directly with “lpass ls” then using “lpass show -c –password Sitename” to put the Sitename password on the copy buffer. You can utilize “lpass show” to store passwords used in scripts, rather than putting passwords in the scripts themselves. LastPass can also be used as you work within the command line to help you login to servers. We’ve included some example scripts below.

The new tool is beneficial for LastPass users who want to use the command line to login to other machines as they work. There are examples such as contrib/examples/change-ssh-password.sh which shows automated password changing on a server. You could run it automatically on a nightly basis, regularly changing the password on the server as a security measure.

The command line application is hosted on Github at https://github.com/LastPass/lastpass-cli where we will continue to develop it for further applications and uses. We’d be happy to accept pull requests for further examples and increased capabilities.

lpass, like git, is comprised of several subcommands:

lpass login [–trust] [–plaintext-key [–force, -f]] USERNAME
lpass logout [–force, -f]
lpass show [–sync=auto|now|no] [–clip, -c] [–all|–username|–password|–url|–notes|–field=FIELD|–id|–name] {UNIQUENAME|UNIQUEID}
lpass ls [–sync=auto|now|no] [GROUP]
lpass edit [–sync=auto|now|no] [–non-interactive] {–name|–username|–password|–url|–notes|–field=FIELD} {NAME|UNIQUEID}
lpass generate [–sync=auto|now|no] [–clip, -c] [–username=USERNAME] [–url=URL] [–no-symbols] {NAME|UNIQUEID} LENGTH
lpass duplicate [–sync=auto|now|no] {UNIQUENAME|UNIQUEID}
lpass rm [–sync=auto|now|no] {UNIQUENAME|UNIQUEID}
lpass sync [–background, -b]


You can view the full documentation in the manpage,
man lpass or view it online.

41 Comments

  • Josh A. says:

    Maybe I’m missing something but I don’t see any instructions for getting this running on Windows. It says Cygwin support for windows but it would be greatly appreciated if you could provide some details so I don’t have to spend countless hours poking around in the dark trying to figure it out.

    I’d also like to say… this was the missing piece to your product. I was considering moving to another solution that provided this type of functionality but if I can get this running I’ll be a happy customer for a long time. Thanks!

  • Dave Lane says:

    I think it makes total sense for this to be compiled by the user. It’s a good reminder that we need to be vigilant about our security and the code which enables it. Convenience and security are generally opposing forces. What we need is a broadly trusted entity to provide secure compiled versions for the masses, and that entity doesn’t exist yet.

  • Eduardo Diaz says:

    Absolutely awesome. It will help me squeeze lastpass functionality in our environment