keepassx updating

[William Unruh]

I ahve about 3 computers on which I have keepassx to store my passwords. I may
update a password in one of them, but then the others are out of sync. Is
there any way I can sync the various keepassx databases so that they all
contain the latest passwords for any entry (and the latest entries if I have
added a new one on one of my machines.) I not that keepassx has the
modification time of an entry.

[Dan Purgert]

Put the database file in a shared location, perhaps?


--
|_|O|_| Registered Linux user #585947
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5 4AEE 8E11 DDF3 1279 A281

[Mike Easter]

I didn't read the article/page yet, just a quick scan/glance; but this
looks like it might be helpful.

https://keepass.info/help/v2/sync.html KeePass 2.x features a powerful,
built-in synchronization mechanism. Changes made in multiple copies of a
database file can be merged safely. ... The synchronization algorithm is
rather complex and it would take many pages to describe in detail how
it's working.


--
Mike Easter

[William Unruh]

Unfortunately I think keepassx and keepass are two different programs.

>
>

[Mike Easter]

William Unruh wrote:

> Mike Easter wrote:
>> William Unruh wrote:
>>> I ahve about 3 computers on which I have keepassx to store my passwords. I may
>>> update a password in one of them, but then the others are out of sync. Is
>>> there any way I can sync the various keepassx databases so that they all
>>> contain the latest passwords for any entry (and the latest entries if I have
>>> added a new one on one of my machines.) I not that keepassx has the
>>> modification time of an entry.
>>>

At first read, I didn't appreciate the keepass*X* distinction, but...

>> KeePass 2.x features a powerful,
>> built-in synchronization mechanism.
>

> Unfortunately I think keepassx and keepass are two different programs.
>

Here's what the wonderful Arch doc dudes have to say:

https://wiki.archlinux.org/index.php/KeePass KeePassX — Started as a
Linux port of KeePass. keepassx2 uses the KeePass 2.x format, but can
import 1.x databases.


So, those words (precisely) must mean that altho' the keepass2 format is
supported, maybe sync won't work. Or maybe the words mean something
else....


--
Mike Easter

[Mike Easter]

Mike Easter wrote:
> William Unruh wrote:

>> Mike Easter wrote:

>>> KeePass 2.x features a powerful,
>>> built-in synchronization mechanism.
>>
>> Unfortunately I think keepassx and keepass are two different programs.
>>
> Here's what the wonderful Arch doc dudes have to say:
>
> https://wiki.archlinux.org/index.php/KeePass  KeePassX — Started as a
> Linux port of KeePass. keepassx2 uses the KeePass 2.x format, but can
> import 1.x databases.
>
>
> So, those words (precisely) must mean that altho' the keepass2 format is
> supported, maybe sync won't work.  Or maybe the words mean something
> else....
>

I'm reading the words again; if the keepass2 format is supported then
maybe one would expect the sync to work, since it is the db that is
getting sync/ed....

... or ...

... maybe the sync /won't/ work; because the 'power' of the sync/ing is
a feature of the *program*/code, not the 'condition'/status of the db.

Aha.

https://aegisnet.de/2015/02/10/securely-synchronize-keepassx-data-between-computers.html
Securely synchronize your KeepassX Passwords


(Examples dropbox and local storage)


--
Mike Easter

[William Unruh]

On 2018-05-15, Mike Easter <Mi...@ster.invalid> wrote:

I suppose it means that one could use keePass to sync the two databases, and
then use the result in keepassx2.

But that would be a real and dangerous pain.
>
>

[William Unruh]

On 2018-05-15, Mike Easter <Mi...@ster.invalid> wrote:

I read that. I think it means that you have a single database on some one
location and then have your keepassx on the various computers use that one
database. Since there is onlyone, it is easy to sync.
Since when I am in Ulan Bator, the chances of my being able to use a database
in Vancouver are pretty slim this is not a great option.

>
>

[stepore]

On 05/15/2018 01:45 PM, William Unruh wrote:
> I read that. I think it means that you have a single database on some one
> location and then have your keepassx on the various computers use that one
> database. Since there is onlyone, it is easy to sync.
> Since when I am in Ulan Bator, the chances of my being able to use a database
> in Vancouver are pretty slim this is not a great option.

Why? It's pretty much how _cloud_ services work. Use one of your boxes
as your personal cloud.

With a free dynamic DNS service, Set up OpenVPN or SSHFS to get to your
database and you're gold from anywhere in the world.

[Carlos E.R.]

On 2018-05-16 06:45, stepore wrote:
> On 05/15/2018 01:45 PM, William Unruh wrote:
>> I read that. I think it means that you have a single database on some one
>> location and then have your keepassx on the various computers use that
>> one
>> database. Since there is onlyone, it is easy to sync.
>> Since when I am in Ulan Bator, the chances of my being able to use a
>> database
>> in Vancouver are pretty slim this is not a great option.
>
> Why? It's pretty much how _cloud_ services work. Use one of your boxes
> as your personal cloud.

For which you need the password(s) that are stored in...

>
> With a free dynamic DNS service, Set up OpenVPN or SSHFS to get to your
> database and you're gold from anywhere in the world.

Sure, you can use that when abroad on the move.

--
Cheers, Carlos.

[stepore]

On 05/16/2018 04:14 AM, Carlos E.R. wrote:

>> Why? It's pretty much how _cloud_ services work. Use one of your boxes
>> as your personal cloud.
>
> For which you need the password(s) that are stored in...

Not sure I understand the point you're trying to make?

>> With a free dynamic DNS service, Set up OpenVPN or SSHFS to get to your
>> database and you're gold from anywhere in the world.
>
> Sure, you can use that when abroad on the move.

Right. So...

[Carlos E.R.]

On 2018-05-17 06:57, stepore wrote:
> On 05/16/2018 04:14 AM, Carlos E.R. wrote:
>
>>> Why? It's pretty much how _cloud_ services work. Use one of your boxes
>>> as your personal cloud.
>>
>> For which you need the password(s) that are stored in...
>
> Not sure I understand the point you're trying to make?

That the password to the cloud services etc are stored in the keepassx
database. So, no access.

>>> With a free dynamic DNS service, Set up OpenVPN or SSHFS to get to your
>>> database and you're gold from anywhere in the world.
>>
>> Sure, you can use that when abroad on the move.
>
> Right. So...

That was an irony. No, I can't access internet when on the move,
depending on the country.

--
Cheers, Carlos.

[stepore]

On 05/17/2018 05:41 AM, Carlos E.R. wrote:
> That the password to the cloud services etc are stored in the keepassx
> database. So, no access.

I'm still not getting your point. Maybe literally spell it out for me.
Are you saying you won't be able to get into keepass which then stores
your cloud passwords so you're hosed? I don't know what you mean.

> That was an irony. No, I can't access internet when on the move,
> depending on the country.

But then you couldn't get them either if you used a cloud-based service?

Maybe I think you were trashing my little hacky way to set this up as
your own "cloud" service rather than using an actual cloud service when
you really were agreeing with me? I'm confused, but it seems as though
you're putting down the idea of your own "cloud" solution.

Either way, it works for me.

[Dan Purgert]

stepore wrote:
> On 05/17/2018 05:41 AM, Carlos E.R. wrote:
>> That the password to the cloud services etc are stored in the keepassx
>> database. So, no access.
>
> I'm still not getting your point. Maybe literally spell it out for me.
> Are you saying you won't be able to get into keepass which then stores
> your cloud passwords so you're hosed? I don't know what you mean.

I believe his point is "how can I connect to a cloud service to sync my
password database when the password to connect to said service is in the
database itself?"

Yes, he is completely ignoring the point that the database would likely
be contained on the host itself (e.g. in the "sync" folder).

[William Unruh]

On 2018-05-18, stepore <lins...@here.now> wrote:
> On 05/17/2018 05:41 AM, Carlos E.R. wrote:
>> That the password to the cloud services etc are stored in the keepassx
>> database. So, no access.
>
> I'm still not getting your point. Maybe literally spell it out for me.
> Are you saying you won't be able to get into keepass which then stores
> your cloud passwords so you're hosed? I don't know what you mean.

His assumpiton is that you meant a cloud server somewhere for example in the
USA. You have to log on to use the cloud server. But the password you need on
the keepassx located on the cloud. Ie, you cannot get the password you need to
use the could to store your passwords.

>
>
>> That was an irony. No, I can't access internet when on the move,
>> depending on the country.
>
> But then you couldn't get them either if you used a cloud-based service?
>
> Maybe I think you were trashing my little hacky way to set this up as
> your own "cloud" service rather than using an actual cloud service when
> you really were agreeing with me? I'm confused, but it seems as though

> you're putting down the idea of your oown "cloud" solution.

Not sure what Your own cloud solution means.

[stepore]

On 05/17/2018 08:04 PM, William Unruh wrote:
> His assumpiton is that you meant a cloud server somewhere for example in the
> USA. You have to log on to use the cloud server. But the password you need on
> the keepassx located on the cloud. Ie, you cannot get the password you need to
> use the could to store your passwords.

This is, by definition, how any password manager works. No matter where
it lives. Whether in this proverbial _cloud_ (someone else's server) or
your own servers in your own home that you can access from anywhere in
the world. Clouds don't exist. They're all just servers. Normally just
someone else's servers. The point is you must remember 1 master password
to access the damn thing. Which obviously can't be contained in the
database of the password manager.

> Not sure what Your own cloud solution means.

My own boxes with my own services running at home where I control
completely, which I can access from anywhere. Not shit hosted on
somebody else's servers. You know, Cloud!
<https://i.redd.it/l4bu591x5syy.jpg>

[Bobbie Sellers]

So soon enough widespread facial recognition capacity
should be enough to access your own devices and your cloud
storage from that initial facial recognition. With maybe
special coding for identical people like tattoos in shades
difficult for people to even notice but easily seen with
optical filtration on the software. Most identicals would
be twins but Triplets and so forth are real now but in the
future it might have to deal with cloned people.

So don't make your problem too insoluble because
tech will solve it soon enough and give us fresh new problems
at a different level.

Cloudless
bliss

--
bliss dash SF 4 ever at dslextreme dot com

[Carlos E.R.]

On 2018-05-18 06:46, stepore wrote:
> On 05/17/2018 08:04 PM, William Unruh wrote:
>> His assumpiton is that you meant a cloud server somewhere for example
>> in the
>> USA. You have to log on to use the cloud server. But the password you
>> need on
>> the keepassx located on the cloud. Ie, you cannot get the password you
>> need to
>> use the could to store your passwords.
>
> This is, by definition, how any password manager works. No matter where
> it lives. Whether in this proverbial _cloud_ (someone else's server) or
> your own servers in your own home that you can access from anywhere in
> the world. Clouds don't exist. They're all just servers. Normally just
> someone else's servers. The point is you must remember 1 master password
> to access the damn thing. Which obviously can't be contained in the
> database of the password manager.

Two passwords. One for the cloud service, another for the master
password of the password database.

--
Cheers, Carlos.

[Carlos E.R.]

On 2018-05-18 07:25, Bobbie Sellers wrote:

>     So soon enough widespread facial recognition capacity
> should be enough to access your own devices and your cloud
> storage from that initial facial recognition.  With maybe
> special coding for identical people like tattoos in shades
> difficult for people to even notice but easily seen with
> optical filtration on the software.  Most identicals would
> be twins but Triplets and so forth are real now but in the
> future it might have to deal with cloned people.
>
>     So don't make your problem too insoluble because
> tech will solve it soon enough and give us fresh new problems
> at a different level.

That has a security issue.

At the end, there will be a file that stores (securely) some map or
signatures of your face. Or your fingerprint, or eye blood vessels,
whatever. And it will have to be stored at each site where you identify
yourself.

Now, suppose one of these is compromised, and the bad guys gain access
to your face data and clone it. After all, it is just a file somewhere.
Even if it is a rom.

From that point, they can gain access to your data by using another
compromised device, that instead of looking at your face, looks at or
loads data generated from that file they got on the previous step.
Perhaps the bud guy wears a good enough head mask. Even a robotized face
clone. They can access your private data stored on the cloud, or gain
access to your house, whatever.

You may find this out, but hey, you can not change your face.


The idea is not mine, I saw it mentioned about fingerprint readers on
phones.


--
Cheers, Carlos.

[theta]

I have just been SSHing into my home box and running KpCLI. On my desktop
itself i run KpCLI or KeePassXC. You could also put the key database file
on a NextCloud synced folder or simply setup a cronjob to rsync your
database back to home.

[wimpunk]

I just put my keepass file on my google drive and sync the google drive on
my systems.

[William Unruh]

And hand all your passwords to google for it to break your password on the
file? You trust them that much?
>