pwman-tools

Artifact [b8ac532836]
Login

Artifact b8ac532836d7170ef95fc490f32e307f91e08127474abeae61281312270493e7:


# PWman Tools

Two little SBCL CLisp scripts.

1. The first to convert a [Lastpass](https://lastpass.com) CSV export to [PWman](http://pwman.sourceforge.net) XML format.
2. And then more recently to convert the PWman XML to [1password](https://1password.com/en) via the [op cli](https://support.1password.com/command-line/).

Originally done as a little learning exercise in Lisp for me, but also because I use(d) Lastpass and also wanted to use a command line based password manager. At the time there wasn't a command line client for Lastpass so I planned on every so often doing a one way update of passwords. As it turned out I just switched to PWman entirely.

However... a few years on and 1password is now pretty cross platform - there is a NetBSD command line client! And coupled with an effort/attempt to move my family to using 1password it seemed like a good time to try moving off PWman to 1password; Although the op cli is very bare bones. I'd try to re-use some of this work to write a script to help move my data to 1password (would have been quicker to just shell script it... maybe).

## lastpass2pwman

### How to use

Developed and tested in SBCL. Use as follows

	sbcl --script /path/to/this/script <gpg id used with pwman> </path/to/lastpass/export>

The path to the Lastpass export is optional. If not supplied assumes file is called "lastpass.csv" and is in current directory. The script works by first exporting a plain text file called "pwman.txt" to current directory, however, this is then immediately encrypted via GPG and replaces the `.pwman.db` file. Both plain text files (the Lastpass export and `pwman.txt`) are then deleted - unless an error occurs with the encryption, in which case the script notifies the user and leaves the files.

### Known issues

PWman has a maximum password length of 64 characters therefore secure notes are stored in the launch field of PWman. Since the whole file is encrypted it doesn't really matter which field is used. The launch field allows up to 256 characters. If your secure notes are longer than this, then PWman will truncate them when saving. Also, note that although PWman will store 256 characters correctly it won't necessarily display them all correctly (the field was intended for displaying a single line of text), but the data will be in the file.

## pwman2op

### How to use

Developed and tested in SBCL. Use as follows:

	gpg -d ~/.pwman.db > ~/.pwman.db.decrypt
	sbcl --script /path/to/this/script

### Known issues/limitations

- Assumes two-level hierarchy of data in pwman
- Only uses Login and Secure Note op templates
- Secure Notes have to be in a "SECURE-NOTES" category/heading in PWman
- Ignores stuff in a "INACTIVE" category/heading in PWman
- Assumes an existing authenticated op session
- pwman.db file needs to be decrypted up front to `~/.pwman.db.decrypt`
- Assumes untampered with XML. Note that newlines and spaces will add
  additional "nodes" that breaks the assumption of this code. By default PWman
  includes no spaces or newlines, etc.
- Mappings from PWman to 1password are as follows:
	- For Logins
		- name -> title
		- host -> url
		- user -> username
		- passwd -> password
		- launch -> notesPlain
		- category -> tag
	- For Secure Notes
		- name -> title
		- host -> notesPlain
		- user -> notesPlain
		- passwd -> notesPlain
		- launch -> notesPlain
		- category -> tag