Re: [CentOS] KeePassX replacement

2017-09-21 Thread Sorin Srbu 
> -Original Message-
> From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of H
> Sent: den 21 september 2017 00:35
> To: centos@centos.org
> Subject: Re: [CentOS] KeePassX replacement
> 
> I have installed keypass2android on my phones which should be able to use
> the same database but have not tried it to see how to actually use a
> password manager on a touchscreen device... Apparently there are also
> concerns about apps having "unlimited" access to the clipboard so one
> should use the keepass2android keyboard. Sounds like a hassle...

Incidentally a colleague suggested Lastpass. He however uses it with a
YUBI-dongle though.

Installed Googles Authenticator on my Android phone to test stuff, which is
"sort of" a similar take as the dongle.

Do any of you also use a Yubi-dongle for securing stuff like this?
I feel it seems like a hassle with another gadget to keep track of.

--
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-20 Thread H 

On 09/19/2017 05:18 AM, Sorin Srbu wrote:

-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of FHDATA
Sent: den 18 september 2017 18:10
To: CentOS mailing list <centos@centos.org>
Subject: Re: [CentOS] KeePassX replacement

On Mon, 18 Sep 2017, Valeri Galtsev wrote:


You may have reasons to prefer KeePassX over KeePass 2, though.

I for one use keepassx. My password database is synchronized between
variety of systems, and I can view/edit it on: CentOS, FreeBSD, MS
Windows, Android (and should be able on any derivatives of those). I
didn't try iOS as currently I don't have a need in that.

Incidentally, does anybody know if there is any necessity in keepassx to
be patched? Did I read the original post correctly: there is no activity
on the development site for long time? Should there be any? (As, I would
say for comparison: cvs is so established software that there is no
development to expect, only if there are any security holes found those
need to be patched). Any insight on KeePassX anybody?

Valeri

hello

using keepassx probably for 10 years or so across linux,win,mac,ios

in late 2015 there was a security issue found and folks @ keepassx.org
patched it fairly  quickly and patch propagated
up to epel quickly as well ...

passwd manager {non-cloud ones} , in my opinion,
is a "static"  concept ...
unless no issues with the underlying frameworks,
what's there to patch ...

-

OT-sidetrack:

What is/are a good cloud-less password manager if I'd need it in a
cross-platform scenario;  Windows, CentOS, Ubuntu and Android?

A cloud enabled manager would be okay I guess if I could move the password
database to say my own private cloud and be able to access it from there
from all platforms.

KeepassX seemed like a good choice until I found out it didn't do Android.

Suggestions greatly appreciated!

Thanks.

--
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


I have installed keypass2android on my phones which should be able to use the same 
database but have not tried it to see how to actually use a password manager on a 
touchscreen device... Apparently there are also concerns about apps having 
"unlimited" access to the clipboard so one should use the keepass2android 
keyboard. Sounds like a hassle...

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-20 Thread H 

On 09/18/2017 11:54 AM, Valeri Galtsev wrote:

On Sat, September 16, 2017 1:45 pm, Yves Bellefeuille wrote:

H  wrote:


I have been using the KeePassX password manager on CentOS 6 and 7 for
some time and it works pretty well. On my Windows machine I use
KeePass which offers a number of features missing from KeePassX, I
also sync the database between several machines, including Android
units where I use keepass2android. Database compatibility is thus
required.

Are you aware that KeePass 2 works under Linux, with mono? There are
also ports for Android, but I've never tried them.

You may have reasons to prefer KeePassX over KeePass 2, though.

I for one use keepassx. My password database is synchronized between
variety of systems, and I can view/edit it on: CentOS, FreeBSD, MS
Windows, Android (and should be able on any derivatives of those). I
didn't try iOS as currently I don't have a need in that.

Incidentally, does anybody know if there is any necessity in keepassx to
be patched? Did I read the original post correctly: there is no activity
on the development site for long time? Should there be any? (As, I would
say for comparison: cvs is so established software that there is no
development to expect, only if there are any security holes found those
need to be patched). Any insight on KeePassX anybody?

Valeri


--
Yves Bellefeuille


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos




Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


I found KeePassX for Linux lacking compared to KeePass on Windows, specifically:

- It does not support references; and

- When switching keyboards, characters in the password (possibly even userid) 
are switched, almost like it is storing key codes rather than characters. Big 
annoyance for me since I need to make sure to always switch back to the US 
English keyboard when using AutoFill.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-20 Thread H 

On 09/16/2017 11:25 AM, Phil Perry wrote:

On 16/09/17 16:05, Phil Perry wrote:

The only other potential issue I see is that the latest KeePassXC requires a 
newer version of libgcrypt, which the repo above packages as libgcrypt16 
(libgcrypt version 1.6.6) on el7. The release of 1.6 broke ABI compatibility 
with version 1.5 in el7. I have not tried building KeePassXC against 
libgcrypt-1.5 in el7 to know if that is viable.




I've just looked at the ABI changes, and can confirm that the latest version of 
KeePassXC uses the GCRY_CIPHER_SALSA20 cipher function added in libgcrypt-1.6, 
so users will also need to install a newer version of libgcrypt alongside 
version 1.5 in el7.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


OK

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-20 Thread H 

On 09/16/2017 06:55 AM, Tom Longfield wrote:

I have been using KeePassXC (though mostly on Debian) for quite a while now and 
am happy to report it works well.  Nothing springs to mind that annoys me and 
it's a decent drop in replacement.
My setup sounds pretty similar to your own (also use keepass2android, though 
not KeePass on Windows).

I would be inclined to compile from source yourself rather than use an 
unofficial repo you have no reason to trust for such a sensitive application.

I'm not trying to besmirch the good name of copr.fedorainfracloud.org/bugzy but 
I've never heard of them and if you hadn't either that would give me pause for 
thought before I let their binaries at my passwords.

On Fri 15 Sep 2017 @ 21:43, H wrote:

I have been using the KeePassX password manager on CentOS 6 and 7 for some time 
and it works pretty well. On my Windows machine I use KeePass which offers a 
number of features missing from KeePassX, I also sync the database between 
several machines, including Android units where I use keepass2android. Database 
compatibility is thus required.

KeePassX, however, does not seem to be maintained any more, the last update was 
just a bit less than a year ago. It also has some annoying bugs, including 
where switching keyboards on the computer corrupts the username and the 
password if they include any character outside the ASCII range.

There seems to be a community fork called KeePassXC and I would like to ask if 
anyone is using this password manager? It is not in EPEL, nor in any other 
standard repository, only through an unofficial repository at 
https://copr.fedorainfracloud.org/coprs/bugzy/keepassxc/,

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos




___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


Ok, thanks. How does it compare feature wise with KeePass on Windows?

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-19 Thread Sorin Srbu 
-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Valeri Galtsev
Sent: den 19 september 2017 17:16
To: CentOS mailing list <centos@centos.org>
Subject: Re: [CentOS] KeePassX replacement

> OT-sidetrack:
>
> What is/are a good cloud-less password manager if I'd need it in a
> cross-platform scenario;  Windows, CentOS, Ubuntu and Android?
>
> A cloud enabled manager would be okay I guess if I could move the password
> database to say my own private cloud and be able to access it from there
> from all platforms.
>
> KeepassX seemed like a good choice until I found out it didn't do Android.

When I mentioned I use KeePassX on FreeBSD, Linux, Windows and Android, I
failed to mention the name of Android application I access KeePassX
database with. It is

KeePassDroid

With KeePassDroid in the mix all of your system choices seem to be covered.


I also didn't mention that when we choose application like that we
investigate how well security wise the author(s) thought it through.
KeePassX shined in that respect from multiple prospectives. I joined then
the support for nomination of KeeePassX author for award (never new if he
won that). One of the features I remember that impressed me: it creates
encryption key from your passphrase by hashing that about 1,000,000 times
over and over again. This basically slows brute force attack by the same
factor. That time I estimated that if I lost, say, my pocket device and
bad guys got hold of my keepassx encrypted password database, they will
need about a Month to crack that if they have at their disposal whole
composed computing power of my University. So, I have plenty of time to
change all passwords if that happens.

This if why we stay with the tools we chose for long-long time: it takes
significant effort to select the great ones. It is almost same costly
effort as hiring new employee.

Just my $0.02

Valeri

--

Thanks Valeri!

I've until now stayed away from password managers, so I can't really tell
which ones are "okay" to use from a security point.

Googling for "best secure password manager list" gives everybody and their
dogs opinions.

Suggestions from users on this list ranks higher in my book. ;-)

Now, this KeePassDroid though. Is it trustable?
As they say, no chain is stronger than the weakest link.

--
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-19 Thread Valeri Galtsev 

On Tue, September 19, 2017 4:18 am, Sorin Srbu wrote:
> -Original Message-
> From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of FHDATA
> Sent: den 18 september 2017 18:10
> To: CentOS mailing list <centos@centos.org>
> Subject: Re: [CentOS] KeePassX replacement
>
> On Mon, 18 Sep 2017, Valeri Galtsev wrote:
>
>>> You may have reasons to prefer KeePassX over KeePass 2, though.
>>
>> I for one use keepassx. My password database is synchronized between
>> variety of systems, and I can view/edit it on: CentOS, FreeBSD, MS
>> Windows, Android (and should be able on any derivatives of those). I
>> didn't try iOS as currently I don't have a need in that.
>>
>> Incidentally, does anybody know if there is any necessity in keepassx to
>> be patched? Did I read the original post correctly: there is no activity
>> on the development site for long time? Should there be any? (As, I would
>> say for comparison: cvs is so established software that there is no
>> development to expect, only if there are any security holes found those
>> need to be patched). Any insight on KeePassX anybody?
>>
>> Valeri
>
> hello
>
> using keepassx probably for 10 years or so across linux,win,mac,ios
>
> in late 2015 there was a security issue found and folks @ keepassx.org
> patched it fairly  quickly and patch propagated
> up to epel quickly as well ...
>
> passwd manager {non-cloud ones} , in my opinion,
> is a "static"  concept ...
> unless no issues with the underlying frameworks,
> what's there to patch ...
>
> -
>
> OT-sidetrack:
>
> What is/are a good cloud-less password manager if I'd need it in a
> cross-platform scenario;  Windows, CentOS, Ubuntu and Android?
>
> A cloud enabled manager would be okay I guess if I could move the password
> database to say my own private cloud and be able to access it from there
> from all platforms.
>
> KeepassX seemed like a good choice until I found out it didn't do Android.

When I mentioned I use KeePassX on FreeBSD, Linux, Windows and Android, I
failed to mention the name of Android application I access KeePassX
database with. It is

KeePassDroid

With KeePassDroid in the mix all of your system choices seem to be covered.


I also didn't mention that when we choose application like that we
investigate how well security wise the author(s) thought it through.
KeePassX shined in that respect from multiple prospectives. I joined then
the support for nomination of KeeePassX author for award (never new if he
won that). One of the features I remember that impressed me: it creates
encryption key from your passphrase by hashing that about 1,000,000 times
over and over again. This basically slows brute force attack by the same
factor. That time I estimated that if I lost, say, my pocket device and
bad guys got hold of my keepassx encrypted password database, they will
need about a Month to crack that if they have at their disposal whole
composed computing power of my University. So, I have plenty of time to
change all passwords if that happens.

This if why we stay with the tools we chose for long-long time: it takes
significant effort to select the great ones. It is almost same costly
effort as hiring new employee.

Just my $0.02

Valeri


>
> Suggestions greatly appreciated!
>
> Thanks.
>
> --
> //Sorin
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-19 Thread H 
On September 19, 2017 7:53:47 AM EDT, Sorin Srbu <sorin.s...@orgfarm.uu.se> 
wrote:
>-Original Message-
>From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Leon
>Fauster
>Sent: den 19 september 2017 13:44
>To: CentOS mailing list <centos@centos.org>
>Subject: Re: [CentOS] KeePassX replacement
>
>> Am 19.09.2017 um 11:18 schrieb Sorin Srbu <sorin.s...@orgfarm.uu.se>:
>> 
>> Suggestions greatly appreciated!
>
>https://www.passwordstore.org/
>
>--
>LF
>
>-
>
>Thanks!
>
>Is Passwordstora a de facto-standard with many of you on this list?
>
>
>--
>//Sorin
>___
>CentOS mailing list
>CentOS@centos.org
>https://lists.centos.org/mailman/listinfo/centos

I would not store my passwords at any site.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-19 Thread Sorin Srbu 
-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Leon Fauster
Sent: den 19 september 2017 13:44
To: CentOS mailing list <centos@centos.org>
Subject: Re: [CentOS] KeePassX replacement

> Am 19.09.2017 um 11:18 schrieb Sorin Srbu <sorin.s...@orgfarm.uu.se>:
> 
> Suggestions greatly appreciated!

https://www.passwordstore.org/

--
LF

-

Thanks!

Is Passwordstora a de facto-standard with many of you on this list?


--
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-19 Thread Leon Fauster 
> Am 19.09.2017 um 11:18 schrieb Sorin Srbu :
> 
> Suggestions greatly appreciated!

https://www.passwordstore.org/

--
LF

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-19 Thread Sorin Srbu 
-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of FHDATA
Sent: den 18 september 2017 18:10
To: CentOS mailing list <centos@centos.org>
Subject: Re: [CentOS] KeePassX replacement

On Mon, 18 Sep 2017, Valeri Galtsev wrote:

>> You may have reasons to prefer KeePassX over KeePass 2, though.
>
> I for one use keepassx. My password database is synchronized between
> variety of systems, and I can view/edit it on: CentOS, FreeBSD, MS
> Windows, Android (and should be able on any derivatives of those). I
> didn't try iOS as currently I don't have a need in that.
>
> Incidentally, does anybody know if there is any necessity in keepassx to
> be patched? Did I read the original post correctly: there is no activity
> on the development site for long time? Should there be any? (As, I would
> say for comparison: cvs is so established software that there is no
> development to expect, only if there are any security holes found those
> need to be patched). Any insight on KeePassX anybody?
>
> Valeri

hello

using keepassx probably for 10 years or so across linux,win,mac,ios

in late 2015 there was a security issue found and folks @ keepassx.org
patched it fairly  quickly and patch propagated
up to epel quickly as well ...

passwd manager {non-cloud ones} , in my opinion,
is a "static"  concept ...
unless no issues with the underlying frameworks,
what's there to patch ...

-

OT-sidetrack: 

What is/are a good cloud-less password manager if I'd need it in a
cross-platform scenario;  Windows, CentOS, Ubuntu and Android?

A cloud enabled manager would be okay I guess if I could move the password
database to say my own private cloud and be able to access it from there
from all platforms.

KeepassX seemed like a good choice until I found out it didn't do Android.

Suggestions greatly appreciated!

Thanks.

--
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-18 Thread Leroy Tennison 
keepassx.org shows the latest release as October 2016 (and the main page shows 
"2005-2017" so someone is updating it), if I found the right keepass 2 
(keepass.info) it was updated in June 2017.  I do remember receiving a security 
alert to upgrade keepassx (since I use it) quite some time back (but not years 
ago).

- Original Message -
From: "Valeri Galtsev" <galt...@kicp.uchicago.edu>
To: "centos" <centos@centos.org>
Sent: Monday, September 18, 2017 10:54:05 AM
Subject: Re: [CentOS] KeePassX replacement

On Sat, September 16, 2017 1:45 pm, Yves Bellefeuille wrote:
> H <age...@meddatainc.com> wrote:
>
>> I have been using the KeePassX password manager on CentOS 6 and 7 for
>> some time and it works pretty well. On my Windows machine I use
>> KeePass which offers a number of features missing from KeePassX, I
>> also sync the database between several machines, including Android
>> units where I use keepass2android. Database compatibility is thus
>> required.
>
> Are you aware that KeePass 2 works under Linux, with mono? There are
> also ports for Android, but I've never tried them.
>
> You may have reasons to prefer KeePassX over KeePass 2, though.

I for one use keepassx. My password database is synchronized between
variety of systems, and I can view/edit it on: CentOS, FreeBSD, MS
Windows, Android (and should be able on any derivatives of those). I
didn't try iOS as currently I don't have a need in that.

Incidentally, does anybody know if there is any necessity in keepassx to
be patched? Did I read the original post correctly: there is no activity
on the development site for long time? Should there be any? (As, I would
say for comparison: cvs is so established software that there is no
development to expect, only if there are any security holes found those
need to be patched). Any insight on KeePassX anybody?

Valeri

>
> --
> Yves Bellefeuille
> <y...@storm.ca>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-18 Thread FHDATA 

On Mon, 18 Sep 2017, Valeri Galtsev wrote:



On Sat, September 16, 2017 1:45 pm, Yves Bellefeuille wrote:

H  wrote:


I have been using the KeePassX password manager on CentOS 6 and 7 for
some time and it works pretty well. On my Windows machine I use
KeePass which offers a number of features missing from KeePassX, I
also sync the database between several machines, including Android
units where I use keepass2android. Database compatibility is thus
required.


Are you aware that KeePass 2 works under Linux, with mono? There are
also ports for Android, but I've never tried them.

You may have reasons to prefer KeePassX over KeePass 2, though.


I for one use keepassx. My password database is synchronized between
variety of systems, and I can view/edit it on: CentOS, FreeBSD, MS
Windows, Android (and should be able on any derivatives of those). I
didn't try iOS as currently I don't have a need in that.

Incidentally, does anybody know if there is any necessity in keepassx to
be patched? Did I read the original post correctly: there is no activity
on the development site for long time? Should there be any? (As, I would
say for comparison: cvs is so established software that there is no
development to expect, only if there are any security holes found those
need to be patched). Any insight on KeePassX anybody?

Valeri


hello

using keepassx probably for 10 years or so across linux,win,mac,ios

in late 2015 there was a security issue found and folks @ keepassx.org
patched it fairly  quickly and patch propagated
up to epel quickly as well ...

passwd manager {non-cloud ones} , in my opinion,
is a "static"  concept ...
unless no issues with the underlying frameworks,
what's there to patch ...


F-






--
Yves Bellefeuille


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos





Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-18 Thread Valeri Galtsev 

On Sat, September 16, 2017 1:45 pm, Yves Bellefeuille wrote:
> H  wrote:
>
>> I have been using the KeePassX password manager on CentOS 6 and 7 for
>> some time and it works pretty well. On my Windows machine I use
>> KeePass which offers a number of features missing from KeePassX, I
>> also sync the database between several machines, including Android
>> units where I use keepass2android. Database compatibility is thus
>> required.
>
> Are you aware that KeePass 2 works under Linux, with mono? There are
> also ports for Android, but I've never tried them.
>
> You may have reasons to prefer KeePassX over KeePass 2, though.

I for one use keepassx. My password database is synchronized between
variety of systems, and I can view/edit it on: CentOS, FreeBSD, MS
Windows, Android (and should be able on any derivatives of those). I
didn't try iOS as currently I don't have a need in that.

Incidentally, does anybody know if there is any necessity in keepassx to
be patched? Did I read the original post correctly: there is no activity
on the development site for long time? Should there be any? (As, I would
say for comparison: cvs is so established software that there is no
development to expect, only if there are any security holes found those
need to be patched). Any insight on KeePassX anybody?

Valeri

>
> --
> Yves Bellefeuille
> 
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-16 Thread tbuchanan 
G

Sent from IBM Verse


   Yves Bellefeuille --- Re: [CentOS] KeePassX replacement --- 
From:"Yves Bellefeuille" <y...@storm.ca>To:"CentOS mailing list" 
<centos@centos.org>Date:Sat, Sep 16, 2017 1:45 PMSubject:Re: [CentOS] KeePassX 
replacement
  
H <age...@meddatainc.com> wrote:> I have been using the KeePassX password 
manager on CentOS 6 and 7 for> some time and it works pretty well. On my 
Windows machine I use> KeePass which offers a number of features missing from 
KeePassX, I> also sync the database between several machines, including 
Android> units where I use keepass2android. Database compatibility is thus> 
required.Are you aware that KeePass 2 works under Linux, with mono? There 
arealso ports for Android, but I've never tried them.You may have reasons to 
prefer KeePassX over KeePass 2, though.-- Yves 
Bellefeuille<y...@storm.ca>___CentOS
 mailing listCentOS@centos.orghttps://lists.centos.org/mailman/listinfo/centos
 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-16 Thread tbuchanan 


Sent from IBM Verse


   Yves Bellefeuille --- Re: [CentOS] KeePassX replacement --- 
From:"Yves Bellefeuille" <y...@storm.ca>To:"CentOS mailing list" 
<centos@centos.org>Date:Sat, Sep 16, 2017 1:45 PMSubject:Re: [CentOS] KeePassX 
replacement
  
H <age...@meddatainc.com> wrote:> I have been using the KeePassX password 
manager on CentOS 6 and 7 for> some time and it works pretty well. On my 
Windows machine I use> KeePass which offers a number of features missing from 
KeePassX, I> also sync the database between several machines, including 
Android> units where I use keepass2android. Database compatibility is thus> 
required.Are you aware that KeePass 2 works under Linux, with mono? There 
arealso ports for Android, but I've never tried them.You may have reasons to 
prefer KeePassX over KeePass 2, though.-- Yves 
Bellefeuille<y...@storm.ca>___CentOS
 mailing listCentOS@centos.orghttps://lists.centos.org/mailman/listinfo/centos
 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-16 Thread tbuchanan 

Sent from IBM Verse


   Yves Bellefeuille --- Re: [CentOS] KeePassX replacement --- 
From:"Yves Bellefeuille" <y...@storm.ca>To:"CentOS mailing list" 
<centos@centos.org>Date:Sat, Sep 16, 2017 1:45 PMSubject:Re: [CentOS] KeePassX 
replacement
  
H <age...@meddatainc.com> wrote:> I have been using the KeePassX password 
manager on CentOS 6 and 7 for> some time and it works pretty well. On my 
Windows machine I use> KeePass which offers a number of features missing from 
KeePassX, I> also sync the database between several machines, including 
Android> units where I use keepass2android. Database compatibility is thus> 
required.Are you aware that KeePass 2 works under Linux, with mono? There 
arealso ports for Android, but I've never tried them.You may have reasons to 
prefer KeePassX over KeePass 2, though.-- Yves 
Bellefeuille<y...@storm.ca>___CentOS
 mailing listCentOS@centos.orghttps://lists.centos.org/mailman/listinfo/centos
 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-16 Thread Yves Bellefeuille 
H  wrote:

> I have been using the KeePassX password manager on CentOS 6 and 7 for
> some time and it works pretty well. On my Windows machine I use
> KeePass which offers a number of features missing from KeePassX, I
> also sync the database between several machines, including Android
> units where I use keepass2android. Database compatibility is thus
> required.

Are you aware that KeePass 2 works under Linux, with mono? There are
also ports for Android, but I've never tried them.

You may have reasons to prefer KeePassX over KeePass 2, though.

-- 
Yves Bellefeuille


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-16 Thread Phil Perry 

On 16/09/17 16:05, Phil Perry wrote:
The only other potential issue I see is that the latest KeePassXC 
requires a newer version of libgcrypt, which the repo above packages as 
libgcrypt16 (libgcrypt version 1.6.6) on el7. The release of 1.6 broke 
ABI compatibility with version 1.5 in el7. I have not tried building 
KeePassXC against libgcrypt-1.5 in el7 to know if that is viable.





I've just looked at the ABI changes, and can confirm that the latest 
version of KeePassXC uses the GCRY_CIPHER_SALSA20 cipher function added 
in libgcrypt-1.6, so users will also need to install a newer version of 
libgcrypt alongside version 1.5 in el7.


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-16 Thread Phil Perry 

On 16/09/17 11:55, Tom Longfield wrote:
I have been using KeePassXC (though mostly on Debian) for quite a while 
now and am happy to report it works well.  Nothing springs to mind that 
annoys me and it's a decent drop in replacement.
My setup sounds pretty similar to your own (also use keepass2android, 
though not KeePass on Windows).


I would be inclined to compile from source yourself rather than use an 
unofficial repo you have no reason to trust for such a sensitive 
application.


I'm not trying to besmirch the good name of 
copr.fedorainfracloud.org/bugzy but I've never heard of them and if you 
hadn't either that would give me pause for thought before I let their 
binaries at my passwords.




I'm in a similar position presently, evaluating at password manager apps 
and had also come across that KeePassXC build.


I briefly installed the above package to evaluate and also intend to 
rebuild it for my own use. Another concern for me was the use of the 
'centos' dist tag when the package clearly isn't a 'centos' package. 
I've got as far as confirming the validity of the source tarball in the 
SRPM and checking the SPEC file. Everything looks fine, but as 
previously mentioned I would still rebuild such a sensitive package for 
my own use.


The only other potential issue I see is that the latest KeePassXC 
requires a newer version of libgcrypt, which the repo above packages as 
libgcrypt16 (libgcrypt version 1.6.6) on el7. The release of 1.6 broke 
ABI compatibility with version 1.5 in el7. I have not tried building 
KeePassXC against libgcrypt-1.5 in el7 to know if that is viable.




On Fri 15 Sep 2017 @ 21:43, H wrote:
I have been using the KeePassX password manager on CentOS 6 and 7 for 
some time and it works pretty well. On my Windows machine I use 
KeePass which offers a number of features missing from KeePassX, I 
also sync the database between several machines, including Android 
units where I use keepass2android. Database compatibility is thus 
required.


KeePassX, however, does not seem to be maintained any more, the last 
update was just a bit less than a year ago. It also has some annoying 
bugs, including where switching keyboards on the computer corrupts the 
username and the password if they include any character outside the 
ASCII range.


There seems to be a community fork called KeePassXC and I would like 
to ask if anyone is using this password manager? It is not in EPEL, 
nor in any other standard repository, only through an unofficial 
repository at https://copr.fedorainfracloud.org/coprs/bugzy/keepassxc/,



___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-16 Thread Zdenek Sedlak 
On 2017-09-16 12:55, Tom Longfield wrote:
> I have been using KeePassXC (though mostly on Debian) for quite a
> while now and am happy to report it works well.  Nothing springs to
> mind that annoys me and it's a decent drop in replacement.
> My setup sounds pretty similar to your own (also use keepass2android,
> though not KeePass on Windows).
>
> I would be inclined to compile from source yourself rather than use an
> unofficial repo you have no reason to trust for such a sensitive
> application.
>
> I'm not trying to besmirch the good name of
> copr.fedorainfracloud.org/bugzy but I've never heard of them and if
> you hadn't either that would give me pause for thought before I let
> their binaries at my passwords.
>
> On Fri 15 Sep 2017 @ 21:43, H wrote:
>> I have been using the KeePassX password manager on CentOS 6 and 7 for
>> some time and it works pretty well. On my Windows machine I use
>> KeePass which offers a number of features missing from KeePassX, I
>> also sync the database between several machines, including Android
>> units where I use keepass2android. Database compatibility is thus
>> required.
>>
>> KeePassX, however, does not seem to be maintained any more, the last
>> update was just a bit less than a year ago. It also has some annoying
>> bugs, including where switching keyboards on the computer corrupts
>> the username and the password if they include any character outside
>> the ASCII range.
>>
>> There seems to be a community fork called KeePassXC and I would like
>> to ask if anyone is using this password manager? It is not in EPEL,
>> nor in any other standard repository, only through an unofficial
>> repository at https://copr.fedorainfracloud.org/coprs/bugzy/keepassxc/,
>>
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
AFAIK the KeePassXC is a package in Fedora, so it could be trusted.

I replaced KeePassX 1.x with this with a extra step of upgrading to
KeePassX 2.x first.

//Zdenek
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

2017-09-16 Thread Tom Longfield 
I have been using KeePassXC (though mostly on Debian) for quite a while now and 
am happy to report it works well.  Nothing springs to mind that annoys me and 
it's a decent drop in replacement. 

My setup sounds pretty similar to your own (also use keepass2android, though 
not KeePass on Windows).


I would be inclined to compile from source yourself rather than use an 
unofficial repo you have no reason to trust for such a sensitive application.


I'm not trying to besmirch the good name of copr.fedorainfracloud.org/bugzy but 
I've never heard of them and if you hadn't either that would give me pause for 
thought before I let their binaries at my passwords.


On Fri 15 Sep 2017 @ 21:43, H wrote:

I have been using the KeePassX password manager on CentOS 6 and 7 for some time 
and it works pretty well. On my Windows machine I use KeePass which offers a 
number of features missing from KeePassX, I also sync the database between 
several machines, including Android units where I use keepass2android. Database 
compatibility is thus required.

KeePassX, however, does not seem to be maintained any more, the last update was 
just a bit less than a year ago. It also has some annoying bugs, including 
where switching keyboards on the computer corrupts the username and the 
password if they include any character outside the ASCII range.

There seems to be a community fork called KeePassXC and I would like to ask if 
anyone is using this password manager? It is not in EPEL, nor in any other 
standard repository, only through an unofficial repository at 
https://copr.fedorainfracloud.org/coprs/bugzy/keepassxc/,

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


--
Tom Longfield
e: tomlongfi...@gmail.com | t: 07507916719
PGP: 374C 705A 0CB4 783A 2692  A978 88A0 D5FC 5301 63FA


signature.asc
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] KeePassX replacement

2017-09-15 Thread H 

I have been using the KeePassX password manager on CentOS 6 and 7 for some time 
and it works pretty well. On my Windows machine I use KeePass which offers a 
number of features missing from KeePassX, I also sync the database between 
several machines, including Android units where I use keepass2android. Database 
compatibility is thus required.

KeePassX, however, does not seem to be maintained any more, the last update was 
just a bit less than a year ago. It also has some annoying bugs, including 
where switching keyboards on the computer corrupts the username and the 
password if they include any character outside the ASCII range.

There seems to be a community fork called KeePassXC and I would like to ask if 
anyone is using this password manager? It is not in EPEL, nor in any other 
standard repository, only through an unofficial repository at 
https://copr.fedorainfracloud.org/coprs/bugzy/keepassxc/,

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos