You can later on configure the GPG Agent to avoid repetitive typing. Enter a complex and long passphrase, at least as long as the longest item you will store inside your password manager. When this is done, use O (from Okay) to confirm the setup and you will be presented with a passphrase dialog for the key, which will present as the topmost window in your Linux Desktop. After this, enter your name and email and a comment. When asked about key validity you can set 5 or 10 years, by entering 5y or 10y. Set the key length to at least 2048, but higher is better. For the key type, simply accept the default which is RSA and RSA. When you execute the gpg –full-generate-key command, you will be presented with a number of options to configure your key. sudo apt install gnupg2 gnupg git rng-tools Note that we assume here that you do not have any secret GPG keys on your system yet. To install gopass on your Debian/Apt based Linux distribution (Like Ubuntu and Mint), you will need to execute the following commands in your terminal. If you are using another operating system like MacOS or Fedora, please see the gopass GitHub installation documentation. Installing gopass is quite straightforward on Ubuntu, Mint, and Debian. A final consideration was for gopass to be extensible, and we can see this realized through browser plugins for example. At the same time, gopass was designed with a high level of security in mind. One can use gopass on Linux, on Mac, on BSD and even on Windows! gopass was designed to be an easy-to-use program for technical users who are used to the command line. $ – requires linux-commands to be executed as a regular non-privileged userĪt first, a person may be turned off by the fact that gopass is a command line based password manager, but once you find out there are browser plugins for popular browsers, a well maintained codebase and community, a clean and well documented website, and a clear list of security tradeoffs, things may change. # – requires linux-commands to be executed with root privileges either directly as a root user or by use of sudo command Requirements, Conventions or Software Version UsedĪny utility which is not included in the Bash shell by default can be installed using sudo apt-get install utility-name (or yum install for RedHat based systems) The Nigerians are at least only interested in our money, the others want to control our lives.Save Your Passwords at the Command Line With gopass (With Browser Plugins!) Software requirements and conventions used Software Requirements and Linux Command Line Conventions Category Seriously, we need to be more afraid of our "friendly" government agencies than we should be afraid of Nigerian spammers or Russian or Chinese hackers. And what the Americans don't intercept, GCHQ in Britain does. For example, here in Germany, all Internet traffic is being routed through DE-CIX in Frankfurt, and all traffic going through there is mirrored - not by German intelligence services, but by US intelligence services. This is not paranoia, since Edward Snowden all suspicions have been confirmed. It also doesn't matter whether that information is stored locally or on some cloud storage: The moment you use your credentials, they are being sent over the Internet, and all that Internet traffic -is- being intercepted at your ISP's core routers. Let's state the obvious, gentlemen: All these things will at best protect you from nosy neighbors and script kiddies, but none of them will protect you from your own government. The fork of TrueCrypt, which in turn had a major security flaw that made its encrpytion easily breakable, which was the reason why the project was abandoned? The best "enterprise-level" commercial application for that purpose that I have seen, unfortunately, is extremely expensive and requires a Windows Server: Mateso Password Safe. It seems to be the most viable option, especially on Linux. I work at the Max Planck Society and KeePassXC is being used by many people at many of our institutes, simply because it is free and available on all major platforms. I've yet to see a password manager that is usable and "impressive".
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |