Disclaimer: I am not an investment advisor. When I describe my own trading activities, it is not intended as advice or solicitation of any kind.

21 November 2011

Applications: PasswordSafe

See Time For a Change for the first in this series, or check out the index to see all the posts dealing with Arch Linux. Today I will set up PasswordSafe, an open source password manager. But first some information about this excellent program.

There are a number of password managers out there with various features that they hope will differentiate them from the others. PasswordSafe is one of the oldest and simplest ones available. All good password management programs should have a few key features:
  • Really strong, proven crypto - all your sensitive passwords are going in this thing; if you can't trust it to keep them safe, don't use it.
  • Offline database storage - I don't trust another company to store my passwords; I want to know that the file is encrypted well, and I want it on my hard drive. My hard drives are backed up, and they won't get bought up by Oracle or go out of business with my data.
  • Configurable random password generation - with a good password manager, you should only need to remember one more password for the rest of your life. That means the rest of them can be completely random, which is way stronger than "Tr0ub4dor&3".
  • Copy/paste password use - you shouldn't have to type passwords stored in the database; just copy/paste them into the password entry field. This is more convenient and more secure, since it defeats a keylogger.
  • Paranoid clipboard management - the system-wide clipboard is accessible by any program running, including malware. A good password manager will give you options on how aggressively it will clear the clipboard of your sensitive password.
There are many other nice-to-have features, like the ability to run on a USB key, good organization capabilities so you can find things quickly, username/password auto-type, and a software keyboard for accessing the database in case you fear a keylogger might be installed.

PasswordSafe, as you might expect from my preferred application, has all these features and more. Being open-source, it has verifiably strong crypto: anyone can peruse the code and do their best to crack it. It's OK if you're not skilled in crypto-cracking... it's enough to know that other very talented individuals have leveled their weapons at it for many years and its strength is proven. It stores everything in a single data file (encrypted, obviously), which you can put anywhere you want. It treats it like a document, so you can have multiple password databases if you want. Being a simple file, you can back it up, copy it around, synchronize it with Dropbox, whatever your desire and comfort level dictates. Double-click entries to copy the password into your clipboard, which is cleared a configurable time later.

Password generation can be configured application-wide or by individual entry, in case a particular site has unusual requirements; or you can type in an existing password, too. One little trick I like to do is to put my credit card numbers in as passwords and include the expiration date in the username, which is displayed in the list. This lets me copy/paste my credit card # into an online store checkout page without fat-fingering it.

Important note: the PasswordSafe I know and trust is at http://passwordsafe.sourceforge.net/ - there is also a "passwordsafe.com" website that purports to have a password manager called "HyperPassword". I have no idea if this is a good program or not. If you want to use what I know and trust, use the SourceForge link. It's not that I mistrust this other one, per se, but PasswordSafe is well-proven, has an excellent pedigree, and doesn't go off and buy a domain name that might sow confusion. That's a tactic used by malware (PDF, see page 6).

For the longest time, PasswordSafe was developed only for Windows. Being open-source, eventually some Linux developers got involved and ported it to WxWidgets, a cross-platform GUI library. Open-source projects like this typically provide binaries for Windows, since Windows doesn't come with build tools. Then if it supports Linux, there is always a source-based distribution so that users can build it for their Linux distro of choice. Eventually, there may also be binary distributions for various popular distros, Ubuntu usually being the first. PasswordSafe has just barely reached this final stage. Linux support has been marked "beta", probably forever, and the only binaries for Linux are for 32-bit Ubuntu/Debian.

Now, I could just run PasswordSafe's Windows version under Wine on any Linux distro I choose. Doing so is easy: just download the Windows installer and run it - Wine takes over and goes through all the installer steps. But that's cheating! This application is open-source, and it runs fine on 32-bit Ubuntu. Making it run on 64-bit Arch might be a challenge, but it's possible.

Full disclosure: A few months ago I managed to make it work on 32-bit Arch for other reasons. I had to change code to do it, which I posted to the PasswordSafe bug-tracking forum; they responded and told me my changes had been incorporated into the next release, which is now out. But whether that will translate into an easier 64-bit experience is anyone's guess. There is no package for PasswordSafe in the AUR, either, so I'm really on my own for this one.

I will be skipping some the mundane steps in this install, since I expect a more complicated journey. After downloading and extracting the source archive, I perused the Linux installation instructions, which only provide instructions for installing the Ubuntu/Debian binaries, and the Linux Development ReadMe, which was last updated in November 2010. Yeah, on my own here. Most Linux source archives follow the "configure ; make" paradigm, but that didn't work in this case because no one built a configure script. So I tried just "make release", based on experiences with the 32-bit installation, first installing the Xerces-C XML parsing library and the wxWidgets GTK library as per the year-old ReadMe. Wonder of wonders, it built the first time! They must have gotten my changes applied successfully.

Unlike more polished Makefiles, this one leaves the binary buried under the src/ui/wxWidgets/GCCUnicodeRelease subdirectory. I went ahead and ran pwsafe from this directory, and after an error message about help not being available, the application started right up and waited for me to use it. This is a success already, but I would prefer not to see an error message on every startup.

Not being an installer, "make" doesn't put the in-application help repository anywhere helpful. The expected location for that file is hard-coded to be /usr/share/doc/passwordsafe/help/help.zip. But there didn't appear to be a help.zip file anywhere in the source tree after building. Looking through the Makefile.linux file at the top level, it looked like there was no build action for "help", unlike with Windows. So I did it by hand based on what I found in the Makefile.windows by typing "make -C ./help", which built help.zip, as well as several other languages (helpES.zip, helpFR.zip, etc). Then as root I copied help.zip to its expected location and tried again to run pwsafe. Sure enough, no error message, and clicking the Help button brought up the help window.

I don't really use the on-screen keyboard, because I don't fear a keylogger on my home system. But for completeness I gave it a try, and saw an error message in my console window: execvp(xvkbd) failed. It turns out that xvkbd is a package that wasn't listed in the Linux Developer ReadMe, so I installed that via pacman and tried again. Success!

Now that all the pre-authentication stuff is working, it's time to move on to the meat of the application. Unwilling to potentially corrupt my password database, I opted to create a new one. That way I can also put in fake credentials and be unafraid of posting screenshots. I went ahead and added several groups and passwords without incident, using both generated and hand-entered passwords.

Double-clicking an entry did successfully load the password into the paste buffer. However, when I tried the Auto-Type feature, which is supposed to take the selected username and password and paste them into the active window, separated by a TAB, I got some interesting results. I performed Auto-Type into a text editor so I could view the results directly. The screenshot below is the fully-exposed details for my "Tenth-Sixth Checking" account (click to zoom in).

When I use Auto-Type, however, I get: "Ipa.gif;>gpd" (tab) "hs,l<gkjHadhoa". Now, Auto-Type is not a feature I really use, so this is really just an amusing bug, but the interesting thing is that this apparent nonsense string of characters is exactly what I would get if I was typing in QWERTY on my Dvorak keyboard. That must mean that: (a) PasswordSafe is sending fake keypresses, not letters, when it does an Auto-Type; and (b) it pays no attention to the keyboard layout settings, even though I set them at both the operating system and XWindows levels. Sure enough, I found a bug report from a German keyboard user with a similar issue, and the devs had already responded saying it was probably a bug having to do with hard-coded keyboard layouts. I added my own experience to the comment tree in case it helped them figure it out. Since I don't really use Auto-Type, as I noted above, this doesn't slow me down.

One last issue that I won't try to solve because it doesn't really matter is the system tray icon. PasswordSafe tries to give some visual feedback so the user knows whether the safe is "open" (accessible) or "closed" (requires a password to access). In Windows, these two icons look fine, but on my Arch/KDE system, they look like they have some erasing issues. The slightly magnified compound picture below from left to right is Windows Open, Windows Closed, Linux Open, Linux Closed. Again, not a show-stopper, just a little strange. By the way, my Linux taskbar is a little bigger than on my Windows machine, so the size difference is to be expected.

Even the Windows icons, seen magnified, look pretty bad. Seems like a nice vector image in the form of an SVG would be a good idea... but I suspect that wouldn't work on Windows.

The final acid test was to open my real database (after backing it up of course), make some changes, and then attempt to use it again from my host machine. No problems whatsoever! 

Overall, this went far more smoothly than I expected. Having dealt with the compile issues previously and waited long enough for the devs to get the updated release out there definitely helped.

The only thing left is Bacula for backups. I have been putting that off because it is such a pain to set up, and because I will need to redo the VirtualBox networking in order to test it completely.

Next: Bacula
Or check out the index.

No comments:

Post a Comment