KeePass is a password management utility for Windows, Linux, and Mac.
The first section describes the steps needed to setup KeyPass2 in Linux and how to add FireFox and Chrome plugin integrations.
The (optional) second section documents a robust way to automatically synchronize the password DB across multiple devices.
$ sudo apt-get install -y keepass2
$ keepass2
-
If you do not already have a database file, create a new one in
~/or desired location. This is your local interactive copy for reading/modifying on the local machine. -
If you want to add Firefox integration, you can use either the PassIFox or KeeFox addons. Both addons require additional Mono libs to talk to the KeePass process.
$ sudo sh -c 'mkdir /usr/lib/keepass2/plugins'
-
Install the required system dependencies:
$ sudo apt-get install mono-mcs libmono-system-management4.0-cil $ sudo apt-get install libmono-system-numerics4.0-cil -
Install the KeeFox plugin at: https://addons.mozilla.org/en-US/firefox/addon/keefox/
-
Copy the KeePass RPC plugin the Keepass plugin dir:
$ sudo cp $HOME/.mozilla/firefox/*.default/extensions/keefox@chris.tomlinson/deps/KeePassRPC.plgx /usr/lib/keepass2/plugins/ -
Restart KeePass.
-
Install the required system dependencies:
$ sudo apt-get install mono-mcs libmono-system-xml-linq4.0-cil libmono-system-data-datasetextensions4.0-cil $ sudo apt-get install libmono-system-runtime-serialization4.0-cil -
Install the KeePassHttp plugin:
$ sudo wget -P /usr/lib/keepass2/plugins https://raw.github.com/pfn/keepasshttp/master/KeePassHttp.plgx $ sudo chmod 644 /usr/lib/keepass2/plugins/KeePassHttp.plgx -
Restart KeePass
-
Setup KeePassHttp using the Tools->KeePassHttp Options... menu item.
-
Install the PassIFox plugin at: https://addons.mozilla.org/en-US/firefox/addon/passifox/
-
In Firefox Preferences->Security, enable Remember logins for sites
-
In Firefox, click the pop-up Connect button that will display under the search bar.
-
Chose a name for the browser. A good name should include Host and the Browser Name, and click Save.
-
Install the required system dependencies:
$ sudo apt-get install mono-mcs libmono-system-xml-linq4.0-cil libmono-system-data-datasetextensions4.0-cil $ sudo apt-get install libmono-system-runtime-serialization4.0-cil -
Install the KeePassHttp plugin:
$ sudo wget -P /usr/lib/keepass2/plugins https://raw.github.com/pfn/keepasshttp/master/KeePassHttp.plgx $ sudo chmod 644 /usr/lib/keepass2/plugins/KeePassHttp.plgx -
Restart KeePass
-
Setup KeePassHttp using the Tools->KeePassHttp Options... menu item.
-
Install the ChromeIPass plugin at: https://chrome.google.com/webstore/detail/chromeipass/ompiailgknfdndiefoaoiligalphfdae?hl=en
-
Click the new ChromIPass menu bar icon in the top-right corner of Chrome, then press Connect.
-
Chose a name for the browser. A good name should include Host and the Browser Name, and click Save.
After installing the KeePass application and at least one browser extension, the next step is to configure KeePass to synchronize your DB file for every machine you need to use KeePass on.
The first step is to make sure the passwords are actively saved. This prevents any syncing issues when you forget to save a DB change before leaving your workstation.
- Open the Triggers dialog using Tools->Triggers menu.
- Click Add...
- Set the trigger name to AutoSave, now go to Events tab.
- Click Add...*
- Select user interface state updated
- Click OK, now go to Conditions tab.
- Click Add...*
- Select Database has unsaved changes
- Click OK, now go to Actions tab.
- Click Add...*
- Select Save active database
- Click OK and Finish.
This trigger updates your local KeePass database anytime you open KeePass to access a password.
- Open the Triggers dialog using Tools->Triggers menu.
- Click Add...
- Set the trigger name to AutoSync on Open
- Now go to Events tab.
- Click Add...*
- Select Opened datbase file
- If you only want to sync a specific database, set the file to
/home/user/passwords.kdbx(i.e. your local password DB). Leave the input blank to sync all databases. - Click OK, now go to Conditions tab.
- Click Add...*
- Select File exists, enter
/home/user/Dropbox/passwords-sync.kdbxin the input box. - Click OK, now go to Actions tab.
- Click Add...*
- Select Synchronize active database with file/URL*, enter
/home/user/Dropbox/passwords-sync.kbxin the input box. - Click OK and Finish.
The next trigger will ensure that when KeyPass becomes idle, the DB will synchronize any changes back to Dropbox. However, the trigger is disabled by default so synchronization only happens when the DB has changed.
Even if you only use KeePass on one system you can follow these steps to have a backup of your password database.
- First, login and install the Dropbox client software. The following steps
assumes your Dropbox share is available at
/home/user/Dropbox - Open the Triggers dialog using Tools->Triggers menu.
- Click Add...
- Set the trigger name to AutoSync on Close
- Uncheck the Initially on box to prevent running until triggered.
- Check Turn off after executing actions (run once) to only run one time after the DB is saved.
- Now go to Events tab.
- Click Add...*
- Select Closing datbase file (after saving)
- If you only want to sync a specific database, set the file to
/home/user/passwords.kdbx(i.e. your local password DB). Leave the input blank to sync all databases. - Click OK, now go to Conditions tab.
- Click Add...*
- Select File exists, enter
/home/user/Dropbox/passwords-sync.kdbxin the input box. - Click OK, now go to Actions tab.
- Click Add...*
- Select Change trigger on/off state, and set the state to Off.
- Click OK, click Add...*
- Select Synchronize active database with file/URL*, enter
/home/user/Dropbox/passwords-sync.kbxin the input box. - Click OK and Add...*
- Select Change trigger on/off state, and set the state to On.
- Click OK and Finish.
This is a third trigger that will enable the previous synchronization trigger whenever your local DB is saved (i.e. modified).
- Open the Triggers dialog using Tools->Triggers menu.
- Click Add...
- Set the trigger name to Enable AutoSync on Save, now go to Events tab.
- Click Add...*
- Select Saved database file
- Click OK, now go to Actions tab.
- Click Add...*
- Select Changed trigger on/off state, enter
AutoSync on Closein the input box. - Click OK and Finish.
Finally, make sure your database is set to lock after inactivity.
- Open the options menu, Tools->Options.
- Click the check box Lock workspace after KeePass inactivity
- Set the default value to 10 seconds as a good default for testing. Increase later after you verify the sync is working. Note: Restart KeePass if Lock feature does not work.
- Click OK
There is a hidden feature in the KeePass config file that can be set to hide the database syncing progress dialog box. It improves the UI making the synching operations less obvious.
-
Close KeePass.
-
Open
~/.config/KeePass/KeePass.config.xml -
Go to the end of the
<UI>tag block -
Add the line:
<ShowImportStatusDialog>false</ShowImportStatusDialog> -
Save the file.