Looking for Some Software

Generally my posts here are in the form of information or answers. This one is really a question. I have been thinking about this problem for quite some time and looking for a solution and finally realized it made perfect sense to ask here. If I don't get a good answer, I will have to build my own and I will share the results with you folks.

I have a few hundred logins for various things. They include different things for TUX-related stuff such as my login to our computers, root access information, database user information and even this web site. I then have multiple email accounts and logins on different computers at home. Add to that login information for web sites where I have accounts--from freshmeat.net to powells.com. While some of this is remembered by my KDE wallet, all can't be and I am not always accessing these sites from this machine.

My currect "record keeping system" is a notebook. It is filled with scribbles, things crossed out and pointers to new pages. Efficient is not the word that comes to mind. For example, yesterday I was looking for the root password for a machine I seldom access. It took me about ten minutes to find it.

Having the notebook has taught me there is a lot more needed than just a list of machine name or URL, login and password. For example, for places where I order products, I would like to add a comment when I place an order that includes the order number and some shipping information. For a domain name (such as tuxmagazine.com) I want to know where the domain is registered and when that registration expires. I also want a record of renewals.

This is a simple database application. But, it also needs to be very secure. For that reason, I want something relatively self-contained. That is, I don't want a MySQL or PostgreSQL server somewhere. I want to be able to write the whole system--that is, the data and the program to access and update it--on a USB flash drive to lock away for safe keeping. Or possibly on an encrypted local filesystem.

Armed with that criteria I designed the tables I needed. There are only two: one with the URL, login name, password, a timestamp and an extra field for special considerations such as needing a security key. A second table is for comments. This allows multiple comment records to be associated with each entry in the first table.

Feeling confident this was easy I started looking at the obvious candidates such as OpenOffice.org base. To make a long story short, with the exception of Rekall, all what appeared to be easy solutions failed. Rekall is a possibility but I felt like this was not as easy as it should be. So, I went looking to see if someone else had written a similar solution. I found web-based solutions but they fail in an assortment of ways including being locally secure.

So, here I am today. No solution that makes me really happy. Any ideas?

fyl - Wed, 2006-12-06 08:47.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

http://www.geocities.com/ramix_info/passwordmanager.html

this is the one i use.

java based so it works on any OS and you can easily put it on your flash drive.

c - tact (not verified) - Sat, 2007-01-27 01:52.

Try PMS

Password Management System (PMS) is one that works pretty well. It's console bsaed and can, I believe, be compiled on windows. It does use curses though. I don't remember the homepage right now, so you'll have to google it.

An - ymous (not verified) - Thu, 2006-12-21 21:16.

Password Database

Try Gringott's - available from several repositories, but the main site appears to be gone.
or
Revelation - http://www.gnomefiles.org/app.php/Revelation

Lawrence MacIntyre (not verified) - Wed, 2006-12-20 07:47.

Looking for some software

I prefer to use a small Excel spreadsheet. I can take it anywhere, I can use it anywhere, almost any OS, no problem. I can search, sort, update easily, I can make copies, and it fits on a thumbdrive with a lot of room left over. Maybe the other programs are pretty good- but they are still other, more programs I'd have to worry about. You can always password it, save it, change the extension, and most folk will be clueless if they find it.

Gidgaf (not verified) - Tue, 2006-12-19 18:03.

SQLite

The first thing that came to my mind was to check out SQLite for the DB and use your favorite scripting language to code the frontend. Most (if not all) of the popular scripting languages have hooks to SQLite. So, for instance, you could code it up in PHP, Perl, Python, Ruby, etc. to have a browser-based frontend. The entire project, database and all, could be stored on a USB key and kept in a secure place.

Good luck,

Robert Aldridge

Robert Aldridge (not verified) - Tue, 2006-12-19 14:04.

Keepass, Keepassx and gpass

First, thanks for the two suggestions. Let me update you on my progress.

Keepass is available for an assortment of platforms. It is, however, clearly written with non-UNIXish systems in mind. It lacks traditional UNIX/Linux make files, for example. There is, however, Keepassx which was done for the X Window System.

Leaving out the geek part of not succeeding, there is a version for Kubuntu Edgy Eft. Unfortunately, my production systems are still running Dapper Drake. So, while I could have "made it work" I realized that wasn't going to be the solution for most TUX readers. So, on to Gpass.

Gpass is a standard package in Dapper so all I had to do was tell the package manager to install it. It did and works with no problems. That's the good news. But, as aways, there is some bad news.

  • It is a Gnome program and, therefore, requires Gnome libraries. Not surprising--that is the right way to write such a program--but it does mean the idea of just putting the program on a USB flash drive with the data will only work on systems with those libraries installed. This is not a big concern for me but I felt it worth mentioning.
  • More important is that the structure of having two tables--one for the actual logins with the ability to relate any number of comments to it--isn't there. It also isn't there in Keypass.

That said, Gpass looks to me to be a reasonable solution if you are willing to settle for something without the multiple-comment ability. It takes zero work to install and it is very intuitive. I would recommend it and will probably use it at least until I find what I want or take the time to write what I want.

Phil Hughes

fyl - Thu, 2006-12-07 07:24.

Looking For Some Software

Why not write a HTML page with Nvu or Mozilla-Compose. It would be searchable, but better yet, it would be viewable on any computer, regardless of the operating system?

amos (not verified) - Wed, 2006-12-27 15:01.

Try Gpass

The Gnome Password Manager works great for me!

Eugene (not verified) - Wed, 2006-12-06 18:48.

KeePass works for me

I've been using KeePass for a little while now. It's very secure (various forms of encryption), can be run from a thumb drive and works on Linux.

http://keepass.sourceforge.net/

You can add a comment to each entry and you can group your entries so that if you have ones you'd like to keep together (like it sounds like you might) you can.

Nate (not verified) - Wed, 2006-12-06 10:06.

In Search of Software

Check out PortableApps @ portableapps.com I know its meant to run under windows but all the apps are Linux based and it does work with linux+wine.
As it runs from a USB flash drive and writes nothing to the host computer, it is totaly secure.
Well worth a look

Chris (not verified) - Wed, 2006-12-20 07:41.

In search of software

Never thought to store passwords on one of my PCs or servers but I had a file on my Handspring and took it everywhere, users PCs, server rooms, home. When Handspring died I got a Palm TX with Passwords Plus. Not free nor as small as a USB stick but better than sticky notes or notepad and its faster to access than a file on my laptop. It came with version for WinXP so spouse has safe spot on home PC for passwords. Unfortunately its not been ported to Linux so my Linux PC losses out.

dmflad (not verified) - Wed, 2006-12-27 16:03.

Password database

Dude, create a folder in your favorite webmail server and send yourself an email with the info. Store the email in the webmail server folder, not your client. BTW, to use clients is insane, not secure.

An - ymous (not verified) - Fri, 2007-01-12 13:39.