Stop copying secrets.json between machines
DevSecretStash syncs your .NET user-secrets across every dev machine with end-to-end encryption. The server never sees your plaintext.
$ dss register
Email: dev@example.com
Registered and logged in as dev@example.com
$ dss push
Pushed 5 keys for a1b2c3d4-... (version: 1)
# On another machine:
$ dss login
$ dss pull
Pulled 5 keys for a1b2c3d4-... (version: 1)
Built for .NET developers
Everything you need to keep secrets in sync, nothing you don't.
End-to-End Encrypted
AES-256-GCM encryption with Argon2id key derivation. Secrets are encrypted on your machine before upload.
Cross-Platform
Works on Windows, macOS, and Linux. Reads and writes the standard dotnet user-secrets locations.
Two Commands
dss push and dss pull. Auto-detects your UserSecretsId from the .csproj file.
Works with dotnet user-secrets
Same secrets.json format, same file locations. Your existing workflow doesn't change.
Zero-Knowledge Server
Your master key never leaves your machine. Even if the server is compromised, your secrets stay safe.
Free Forever
No subscription, no limits, no credit card. Open source and self-hostable.
Get started in 60 seconds
Install the CLI
dotnet tool install --global DevSecretStash
Create your account
Run dss register or sign up here. Encryption keys are generated locally.
Push your secrets
From any .NET project: dss push. Secrets are encrypted and uploaded.
Pull on another machine
dss login then dss pull. Decrypted locally, written to standard location.
Ready to stop sharing secrets over Slack?
Join for free and sync your first secrets in under a minute.
Create Free Account