Create an account


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Fedora - Managing credentials with KeePassXC

#1
Managing credentials with KeePassXC

A previous article discussed password management tools that use server-side technology. These tools are very interesting and suitable for a cloud installation.
In this article we will talk about KeePassXC, a simple multi-platform open source software that uses a local file as a database.
The main advantage of this type of password management is simplicity. No server-side technology expertise is required and can therefore be used by any type of user.

Introducing KeePassXC


KeePassXC is an open source cross platform password manager: its development started as a fork of KeePassX, a good product but with a not very active development. It saves the secrets in an encrypted database with AES algorithm using 256 bit key, this makes it reasonably safe to save the database in a cloud drive storage such as pCloud or Dropbox.

In addition to the passwords, KeePassXC allows you to save various information and attachments in the encrypted wallet. It also has a valid password generator that helps the user to correctly manage his credentials.

Installation


The program is available both in the standard Fedora repository and in the Flathub repository. Unfortunately the integration with the browser does not work with the application running in the sandbox, so I suggest to install the program via dnf:

 
sudo dnf install keepassxc

Creating your wallet


To create a new database there are two important steps:

  • Choose the encryption settings: the default settings are reasonably safe, increasing the transform rounds also increases the decryption time.
  • Choose the master key and additional protections: the master key must be easy to remember (if you lose it your wallet is lost!) but strong enough, a passphrase with at least 4 random words can be a good choice. As additional protection you can choose a key file (remember: you must always have it available otherwise you cannot open the wallet) and / or a YubiKey hardware key.


The database file will be saved to the file system. If you want to share with other computers / devices you can save it on a USB key or in a cloud storage like pCloud or Dropbox. Of course, if you choose a cloud storage, a particularly strong master password is recommended, better if accompanied by additional protection.

Creating your first entry


Once the database has been created, you can start creating your first entry. For a web login specify a username, password and url in the Entry tab. Optionally you can specify an expiration date for the credentials based on your personal policy: also by pressing the button on the right the favicon of the site is downloaded and associated as an icon of the entry, this is a nice feature.



KeePassXC also offers a good password / passphrase generator, you can choose length and complexity and check the degree of resistance to a brute force attack:


Browser integration


KeePassXC has an extension available for all major browsers. The extension allows you to fill in the login information for all the entries whose URL is specified.

Browser integration must be enabled on KeePassXC (Tools menu -> Settings) specifying which browsers you intend to use:


Once the extension is installed, it is necessary to create a connection with the database. To do this, press the extension button and then the Connect button: if the database is open and unlocked the extension will create an association key and save it in the database, the key is unique to the browser so I suggest naming it appropriately :


When you reach the login page specified in the Url field and the database is unlocked, the extension will offer you all the credentials you have associated with that page:


In this way, browsing with KeePassXC running you will have your internet credentials available without necessarily saving them in the browser.

SSH agent integration


Another interesting feature of KeePassXC is the integration with SSH. If you have ssh-agent running KeePassXC is able to interact and add the ssh keys that you have uploaded as attachments to your entries.

First of all in the general settings (Tools menu -> Settings) you have to enable the ssh agent and restart the program:


At this point it is required to upload your ssh key pair as an attachment to your entry. Then in the “SSH agent” tab select the private key in the attachment drop-down list, the public key will be populated automatically. Don’t forget to select the two checkboxes above to allow the key to be added to the agent when the database is opened / unlocked and removed when the database is closed / locked:


Now with the database open and unlocked you can log in ssh using the keys saved in your wallet.

The only limitation is in the maximum number of keys that can be added to the agent: ssh servers do not accept by default more than 5 login attempts, for security reasons it is not recommended to increase this value.



https://www.sickgaming.net/blog/2019/08/...keepassxc/
Reply



Possibly Related Threads…
Thread Author Replies Views Last Post
  Fedora - Fedora Silverblue, an introduction for developers xSicKxBot 0 15 05-21-2020, 04:56 AM
Last Post: xSicKxBot
  Fedora - Using Fedora to implement REST API in JavaScript: part 2 xSicKxBot 0 23 05-19-2020, 12:23 AM
Last Post: xSicKxBot
  Fedora - The pieces of Fedora Silverblue xSicKxBot 0 21 05-16-2020, 02:08 AM
Last Post: xSicKxBot
  Fedora - How to rebase to Fedora 32 on Silverblue xSicKxBot 0 37 05-09-2020, 03:58 AM
Last Post: xSicKxBot
  Fedora - Fedora Classroom Session: IRC 101 xSicKxBot 0 32 05-08-2020, 02:41 AM
Last Post: xSicKxBot
  Fedora - What’s new in Fedora 32 Workstation xSicKxBot 0 39 05-01-2020, 04:42 AM
Last Post: xSicKxBot
  Fedora - Fedora 32 is officially here! xSicKxBot 0 51 04-29-2020, 11:44 PM
Last Post: xSicKxBot
  Fedora - Upgrading Fedora 31 to Fedora 32 xSicKxBot 0 42 04-29-2020, 03:22 AM
Last Post: xSicKxBot
  Fedora - Coming soon: Fedora on Lenovo laptops! xSicKxBot 0 58 04-25-2020, 06:13 AM
Last Post: xSicKxBot
  Fedora - Play Stadia Games from Fedora xSicKxBot 0 51 04-24-2020, 01:56 AM
Last Post: xSicKxBot

Forum Jump:

[-]
Upcoming Events

[-]
Discord

[-]
Latest Threads
Unreal Engine Marketplace Spring Sale On...
Last Post: xSicKxBot
Today 06:08 AM
» Replies: 0
» Views: 2
News - Streets Of Rage 4’s Dotemu Is Wor...
Last Post: xSicKxBot
Today 06:07 AM
» Replies: 0
» Views: 4
News - Rainn Wilson Tells Billie Eilish ...
Last Post: xSicKxBot
Today 06:07 AM
» Replies: 0
» Views: 4
[Tut] Python Convert Set to List [Intera...
Last Post: xSicKxBot
Today 03:34 AM
» Replies: 0
» Views: 4
(Indie Deal) FREE Naval Warfare & Digimo...
Last Post: xSicKxBot
Today 03:33 AM
» Replies: 0
» Views: 5
News - Italy announces fund to support c...
Last Post: xSicKxBot
Yesterday 10:28 PM
» Replies: 0
» Views: 7
News - Amazon Games and Bandai Namco are...
Last Post: xSicKxBot
Yesterday 10:28 PM
» Replies: 0
» Views: 6
(Indie Deal) SAO Hollow Realization Delu...
Last Post: xSicKxBot
Yesterday 03:28 PM
» Replies: 0
» Views: 10
News - Review: Never Stop Sneakin’ – An ...
Last Post: xSicKxBot
Yesterday 10:56 AM
» Replies: 0
» Views: 11
News - Review: Golf With Your Friends – ...
Last Post: xSicKxBot
Yesterday 10:56 AM
» Replies: 0
» Views: 9

[-]
Twitter

[-]
Sponsored
Get the Deal of the Week at RefurBees.com

Copyright © SickGaming.net 2012-2019