GNOMAN is a cross-platform command line tool that inspects and maintains the secrets stored in your operating system keyring. It provides a consistent interface across Linux (Secret Service), macOS (Keychain) and Windows (Credential Locker) so that you can audit, export, rotate and restore credentials without leaving the terminal.
- 🔍 Enumerate every keyring entry regardless of namespace or application.
- 🧾 Inspect and audit secrets for stale credentials, missing metadata and duplicates.
- ✍️ Create, update or delete entries using the native system backend.
- 📦 Encrypted export/import routines for disaster recovery and migration.
- ♻️ Credential rotation that generates high-entropy replacements in bulk.
Install GNOMAN from PyPI:
pip install gnoman-cliusage: gnoman [-h] [--gui] [--version] {list,show,set,delete,export,import,rotate,audit} ...
Pass the optional --gui flag to launch a lightweight Tkinter desktop interface focused on
secret management.
gnoman list --namespace githubgnoman show github.com personal-tokengnoman set github.com personal-tokenYou will be prompted for the secret value when it is not provided directly.
gnoman export backup.gnoman
# ... later ...
gnoman import backup.gnomanBoth operations prompt for a passphrase unless --passphrase is supplied.
gnoman rotate --services github.com,slackRegenerates high-entropy secrets for the selected services.
gnoman audit --stale-days 90Produces a JSON report summarising duplicates, stale entries and other potential issues.
Tests exercise the platform-agnostic logic using the in-memory adapter:
pip install -e .[dev]
pytestThe CLI interacts with the system keyring by default. Within unit tests the
gnoman.utils.keyring_backend.use_adapter helper swaps in an in-memory backend
to avoid touching real credentials.