this post was submitted on 20 Oct 2024
537 points (95.6% liked)

Open Source

31218 readers
232 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

Pull request #10974 introduces the @bitwarden/sdk-internal dependency which is needed to build the desktop client. The dependency contains a licence statement which contains the following clause:

You may not use this SDK to develop applications for use with software other than Bitwarden (including non-compatible implementations of Bitwarden) or to develop another SDK.

This violates freedom 0.

It is not possible to build desktop-v2024.10.0 (or, likely, current master) without removing this dependency.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago) (2 children)

pass is enough (+ xdotool + rofi + pass-menu). Synchronization via git or Syncthing.

[–] [email protected] 1 points 3 weeks ago (3 children)

How does this play with mobile?

[–] [email protected] 5 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

as another option this KeePassXC(PC)+radicale+DAVx5 The same for KeepassDX

[–] [email protected] 2 points 3 weeks ago (1 children)

Radicale+DavX5 is for calendars and contacts, no? How does this work for passwords

[–] [email protected] 2 points 3 weeks ago

for passwords no way, as you noted it is for calendars and contacts

[–] [email protected] 3 points 3 weeks ago (1 children)

There's an Android app, but it's not being developed any more https://github.com/android-password-store/Android-Password-Store

There's an iOS app as well https://mssun.github.io/passforios/

They have a list with all the clients and other tools on their website
https://www.passwordstore.org/#other

[–] [email protected] 3 points 3 weeks ago

besides everything else, the end of support for syncthing-android, yes, that's a real blow to the gut.

[–] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago)

Integration with Android

The GnuPG implementation for Android is called OpenKeychain. To configure it, just go to the "key management" menu and import the previously created secret key. The only drawback of OpenKeychain for me personally is that there is no fingerprint unlocking.

The pass implementation for Android is called android-password-store, or simply APS.

Install and launch APS. Before synchronizing the password store, go to the "Settings" menu. There we will need the following items:

  1. Git server settings. The resulting URL should be the same as that specified on the repository page on github. Authorization type - OpenKeychain.

  2. Git utils. In this section, specify the username and email from the gpg key.

  3. OpenPGP provider. Select OpenKeychain.

  4. Autofill.

Now you can clone. Select "clone from server" on the main screen, specify the desired location of the repository, check the git settings.

Of course, pass is not that easy to set up. However, this price buys confidence that the tools we use will not one day be declared obsolete, will not change their data format, and will not be left without support.

[–] [email protected] 1 points 3 weeks ago (1 children)

I'm familiar with pass and familiar-ish with rofi. What do the other two do?

[–] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

A small script for entering passwords into various windows via rofi, I take passwords from pass.

Example script:

#!/bin/bash
# Sample file rofi_pass.sh
passwords=$(find /home/fireshell/.password-store/ -type f -name *.gpg)
selected_pass=$(echo -e "$passwords" | awk -F "/" '{printf "%s > %s\n", $5, $6}' | rofi -dmenu -p Pass)
item=$(echo "$selected_pass" | awk '{printf "%s/%s", $1, $3}' | sed 's/\.gpg//g')
data=$(pass show $item)
pass=$(echo -e "$data" | head -n1)
login=$(echo -e "$data" | grep -e "^login: " | sed 's/^login: //g')
xdotool type "$login"
xdotool key Tab
xdotool type "$pass"

In awesome wm I bound a key that calls it like this:

awful.key({ modkey}, "p", function () awful.spawn.with_shell("/home/fireshell/Scripts/rofi_pass.sh") end    ,
{description = "rofi pass", group = "launcher"}),  

I turn on the computer, press the key combination and the script works, or I run this script from the terminal (~/Scripts/rofi_pass.sh), select the password - it works (if necessary, pinentry is called to enter the main password), after that I press the key combination, select the desired entry

passmenu: extremely useful and wonderful dmenu script.

[–] [email protected] 2 points 3 weeks ago

I was copying and pasteing from pass but that looks much cooler, thanks!