I have finally gotten tired of keeping up with millions of passwords. I thought I would up the security level by using a password manager to generate secure and unique passwords for each site. I read Tim’s post about KeePass, and he made it sound so easy that I decided to go for it.
Here are my notes on how I got everything working…
Dropbox is important because it provides the vehicle for copying the passwords between devices. The file will be encrypted, but it will live in the cloud.
So, I installed dropbox by downloading the 64-bit deb package from the Linux download page. The package opens by default in the Ubuntu Software Center, and I let the Software Center install it.
When I first opened drop box from the Ubuntu menu, I got this message:
A few moments later, this dialog just popped up:
When I clicked Start Dropbox, I got that first message again, but then, it started downloading something:
Once it was finished downloading, it prompted me to login:
After logging in, I went with the typical setup just to keep it simple.
It offered to send a link to my phone for installing the App on My Phone:
Then, it took me through a little tour. I’ll skip the screenshots for that. It wasn’t until after going through the tour that I saw the Dropbox folder in my home folder. I had another window open from the package manager suggesting to restart Nautilus. I went ahead and clicked the restart button for that. I’m not sure if that was necessary or not.
On my phone, I installed the Dropbox app for Android. It was a simple install from the play store. Actually, because I entered my phone number during the installation, I got a text:
The KeyPass application was in Ubuntu Software Center. I just installed the KeyPass2 package:
Once installed, I opened up the KeyPass program from the launcher bar. First thing, I created a new password database with the File > New menu. I made sure to save the new file in the Dropbox folder.
I had to set a master password. The program tells you how secure that password is.
Next, I went through the settings. I only changed the values on the front page. I set a description for the database, and I put my email address in the default user name. Everything else, I left at the default.
Chrome: KeePassHttp + chromeIPass
According to the readme for KeePassHttp, mono-complete is required. I looked in Synaptic, and I have the following packages installed at version 3.2:
- libmono — many packages
I thought that maybe I could get away with just that installed. It didn’t work. With only these packages, I got this message when I started up KeePass2:
The text reads:
The following plugin is incompatible with the current KeePass version: /usr/lib/keepass2/KeePassHttp.plgx
Have a look at the plugin’s website for an appropriate version.
The fix is to install the mono-complete package. You can use either Synaptic or the apt-get command-line.
sudo apt-get install mono-complete
I downloaded KeePassHttp from the GitHub website. The ReadMe has the link underneath the “Installation” heading. That downloaded a KeePassHttp.plgx file.
I used the command line to copy the file to my KeePass directory (/usr/lib/keepass2):
cd ~/Downloads<br /> sudo mv KeePassHttp.plgx /usr/lib/keepass2
You can tell that it installed successfully because you will see the options on the menu: Tools > KeePassHttp Options. The option window looks like this:
Finally, I installed the ChromeIPass Chrome Extension. That is the part inside of Chrome that talks to KeePassHttp, which talks to KeePass.
Once installed, I saw a new icon beside my menu. When I clicked it, it had a connect button.
Clicking the Connect button opened a confirmation window in KeePass. I entered ChromeIPass for the key name, and it worked fine. It began allowing Chrome to populate credentials on web pages from my KeePass database.
One of the catches to using the ChromIPass extension is that you have to have the KeePass application open the whole time. I found that David Lechner has created an indicator that will make keeping it in the background convenient.
You can add the repository and install it like this:
sudo apt-add-repository ppa:dlech/keepass2-plugins<br /> sudo apt-get update<br /> sudo apt-get install keepass2-plugin-application-indicator
He also has a menu extension, but I am not that big on the menus. I have mine on the title bar of the applications anyway. I didn’t install this extension. If you want to, here’s the command:
sudo apt-get install keepass2-plugin-application-menu
I rebooted hoping that it would autoload or something like that. The indicator doesn’t show until you open the KeePass application.
All the while, KeePassDroid has been the go-to app to manage our password database in Android. However, it is only compatible only with keepass 1.x database (beta support for keepass 2.x database) and the lack of integration with the mobile browser prevented it from becoming the perfect app. Keepass2Android is based on KeePassDroid and it comes with full read/write support for keepass 2.x database as well as username/password auto-fill for most mobile browsers for Android.
After installing, I opened the program. The first screen asks where the database is. I picked the “Open file…” option.
When choosing the file, I could choose Dropbox and pick the file on my Dropbox share.
Now, I have access to all of my KeePass passwords from my phone.
It’s not perfect, but I think it is manageable. I need to find a way to automatically launch KeePass when I login. ChromeIPass doesn’t auto fill all of the fields that I want it to. But, for the most part, it works pretty good.
If you have any suggestions or see anything that I missed, please comment.
- Ask Ubuntu: Is there a password manager for Ubuntu [duplicate]
- Ask Ubuntu: Password Management Applications?
- The ORACLE-BASE Blog: Adventures with Dropbox and KeePass…
- Opensource.com: Managing passwords the open source way
- Dropbox Installation Instructions
- Make Tech Easier: Use Keepass2Android to Auto Fill Password in Android Browsers
- Keepass Plugins
- Ask Ubuntu: How to integrate KeePass and Chrome/Chromium using ChromIPass?
- ArchLinux Forum: Keepass versus Lastpass
- KeePassX Forum: Auto enter Keepass master password on start-up
- PROGRAMMING BY ROBERT MASSAIOLI: Installing keepass2 on Ubuntu Linux 11.10 to work in Google Chrome via KeepassHTTP
- Chrome Web Store: chromeIPass
- KeePass Password Safe: New Plugins for Ubuntu Users
- Absolutly!: Install KeePassHTTP on Ubuntu
- GitHub: Error: The following plugin is incompatible with the current KeePass version.. #28
- GitHub: Keebuntu
- WebUpd8: KEEPASS 2 APPINDICATOR AND APPMENU EXTENSIONS FOR UBUNTU [UPDATED]