Encrypted secret sharing from the terminal
Share passwords, API keys, and .env files — without leaving the command line.
npx vaulted-cli "my-api-key"
# → https://www.vaulted.fyi/s/abc123#keynpm install -g vaulted-cli
vaulted "my-api-key"Same encryption as the web app
AES-256-GCM encryption happens locally on your machine — the same zero-knowledge architecture as vaulted.fyi. The server never sees your plaintext. The decryption key lives only in the URL fragment.
Zero dependencies
Single bundled file with no runtime dependencies. Fast npx startup — no waiting for heavy dependency trees. Requires only Node.js 18.3+.
Pipe-friendly by design
Stdout for data, stderr for diagnostics. Pipe secrets from environment files, compose with clipboard tools, or redirect output to files.
Passphrase protection
Add a passphrase for an extra layer of security. The encryption key is wrapped with PBKDF2 — even if someone intercepts the link, they can't decrypt without the passphrase.
Links work everywhere
Links created with the CLI work in the web app, and vice versa. Share from your terminal, open in a browser — the encryption is identical.
View limits and expiration
Set secrets to self-destruct after 1, 3, 5, or 10 views. Set expiration from 1 hour to 30 days. Same controls as the web interface.
Common use cases
vaulted "super-secret-password" --views 1 --expires 1hcat .env.production | vaulted --views 1
vaulted --file .env.local --expires 24hvaulted "sk_live_abc123" -p mypassphrase -v 1 -e 1hvaulted get https://www.vaulted.fyi/s/abc123#key
vaulted get https://www.vaulted.fyi/s/abc123#wrapped.salt -p mypassphrasevaulted "secret" | pbcopy # macOS
vaulted "secret" | xclip # LinuxAll options
| Flag | Short | Default | Values |
|---|---|---|---|
| --views | -v | 0 (unlimited) | 0, 1, 3, 5, 10 |
| --expires | -e | 24h | 1h, 24h, 7d, 30d |
| --passphrase | -p | none | any string |
| --file | -f | none | file path |
| --host | vaulted.fyi | URL |