**Unlock SSH/GPG Keys and Secrets with Touch ID on macOS: Introducing Axo Pass**
**Unlocking Secure Environments Just Got Easier**
Are you tired of typing passwords or accessing sensitive information every time you need to work on a development project? Do you wish there was an easier way to manage your SSH keys, GPG secrets, and other credentials while maintaining top-notch security? Look no further than Axo Pass, the innovative Touch ID-based secrets manager for macOS dev environments.
**What is Axo Pass?**
Axo Pass is an open-source application that allows you to securely store and access sensitive information using Touch ID on your Mac. With a user-friendly interface and robust encryption mechanisms, Axo Pass ensures that your SSH keys, GPG secrets, and other credentials remain protected while still being easily accessible when needed.
**How Does it Work?**
To get started with Axo Pass, download the latest release from our website and follow these simple steps:
1. **Install the DMG**: Run the downloaded `.dmg` file to install Axo Pass on your Mac. 2. **Add Axo Pass to Your Shell Configuration**: Add the following line of code to your shell configuration file (e.g., `~/.zshrc` or `~/.bashrc`). This will make the `ap` command available in your terminal.
```bash # Load Axo Pass environment variables source ~/.axopass/env.sh ```
3. **Use Touch ID to Access Your Secrets**: Run the following command to enable Touch ID authentication.
```bash # Enable Touch ID for Axo Pass ap touchid enable ```
**Encryption and Security**
Axo Pass employs a robust encryption mechanism, inspired by SOPS, to protect your sensitive information. Each vault file is stored as JSON in `~/Library/Application Support/Axo Pass/vaults` and contains an AES-256 GCM key encrypted with an ECIES key stored in the Secure Enclave. This ensures that even if someone gains access to your computer, they will not be able to decrypt your secrets.
**Vault Files: A Closer Look**
A vault file is a JSON object that stores credential values encrypted using the file key. Here's an example of what a vault file might look like:
```json
{
"credential": {
"path": "/path/to/credentials",
"value": "base64 encoded value"
},
"file_key": "
**Get Involved and Improve Axo Pass**
We're excited to have you join our community of developers who are passionate about creating secure and user-friendly solutions. If you'd like to contribute to the development of Axo Pass or simply want to learn more, reach out to us on Discord or explore our GitHub repository.
**Important Notes**
Please note that Axo Pass requires codesigning for installation, and notarization is necessary for distribution. If you're interested in helping us improve this project, we invite you to join the conversation on Discord.
Stay tuned for updates and enhancements as we continue to refine and expand Axo Pass. In the meantime, download the latest release and start experiencing the convenience of secure, Touch ID-based access to your development secrets.