KeePass Shell access
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Michał Góral f8b54c7be2 add gpg --encrypt example to readme 1 day ago
contrib Wait for menu to exit before executing a command. 3 days ago
src/kpd Changed error string 2 days ago
tests Some keepass test files. 2 days ago
.gitignore Rename to keepass-dmenu 1 week ago
LICENSE GPLv3 or later 6 days ago
Pipfile Improvements 1 week ago add gpg --encrypt example to readme 1 day ago Added README 1 day ago


kpsh, or KeePass Shell, is an interactive shell for working directly with KeePass database files.


  • open, lock and unlock databases
  • list contents of database
  • show contents of database entries and filter them by fields
  • autotype usernames and passwords or any sequences of entry fields.
  • access all commands non-interactively via -c switch or by piping commands directly to kpsh
  • tab-completion in interactive mode
  • several built-in ways to obtain a password, which can be passed by argument, typed directly to kpsh or through pinentry program program or fetched from a provided command output
  • ships with highly customizable kpsh-menu script which performs any kpsh command on entries selected by dmenu/rofi/fzf (e.g. autotype passwords selected in dmenu/rofi)

Usage examples

Typical session:

$ kpsh passwords.kdbx

passwords.kdbx> ls
Password: ********

passwords.kdbx> show work/login
path: work/login
username: John Doe
password: jsdf7y8h8349yhj3h42

Get a password from gpg-encrypted file (trailing newline, which isn’t a part of password is trimmed):

$ gpg --encrypt -o masterpass.gpg -r
<type type type>
$ kpsh passwords.kdbx --pw-cmd "gpg --decrypt masterpass.gpg | tr -d '\n'"

… or from a keyring:

$ secret-tool store --label='keepass' database passwords.kdbx
$ kpsh passwords.kdbx --pw-cmd "secret-tool lookup database passwords.kdbx"

Autotype a user/password sequence:

kpsh passwords.kdbx --pw-cmd "secret-tool lookup database passwords.kdbx"
                    -c autotype

… or just a password, but a little faster:

kpsh passwords.kdbx --pw-cmd "secret-tool lookup database passwords.kdbx"
                    -c "autotype -s {PASSWORD} -D 12"


$ pip install --user kpsh