Himitsu is a secure secret storage system for Unix-like systems. It is extensible and suitable for storing passwords, private keys, logins, etc.
Himitsu secrets are stored in a arbitrary key/value store, accessible via a daemon. Himitsu also provides a command-line interface and query language for the store.
Install the himitsuAUR package.
You will also need a Himitsu prompter: hiprompt-gtk-pyAUR.
The himitsu(7) man page is worth reading. The following is a guide specific to an Arch Linux installation of himitsuAUR.
Firstly, you will need a himitsu secstore (secrets store) and some basic configuration. Initialize these with himitsu-init(1).
You will then need to configure Himitsu to use your prompter of choice. Edit the himitsu.ini(5) config file. For example, for hiprompt-gtk-pyAUR:
The Himitsu daemon himitsud(1) can now be run.
The Himitsu package comes with a systemd user unit,
Starting/enabling it runs
himitsud in the background.
Use the hiq(1) command to query and manage the keystore.
Himitsu has integrations for various software.
The himitsu-sshAUR package provides an SSH agent and utilities for using and storing SSH keys in the Himitsu keystore.
For ssh to use the Himitsu SSH agent, it is required that:
- The agent is running (enable/start the included
$SSH_AUTH_SOCKenvironment variable is set to the Himitsu SSH agent's socket (i.e.
With that, ssh will consult the Himitsu keystore for SSH key data.
The himitsu-firefoxAUR package provides the backend (a native messaging component) for the official Firefox Himitsu Add-on.
Once both installed, Firefox can consult the Himitsu keystore for logins/passwords, from keystore entries with the
proto=web key-value pair.
The add-on implements the "web" protocol.