I’m using Vaultgarden. Things are okay after losing my SSD yesterday morning. My strategy worked… HDD for data, SSD for the OS. I promptly found an available drive, installed Linux mint and recovered.

But that was scary. I keep a backup on another computer. The only way to actually run it and see the passwords needed to do anything was thru my phone. I was lucky that somehow the database was available offline. But if I had run out of battery I would be extremely screwed.

So I’ve decided the Vaultgarden is encumbered by not really having a local reliable copy. Maybe I’m wrong, but as I understand, if your server goes down and you log out, you’re screwed… No more passwords until your server is up again. I find that to be extremely stupid unless I was protecting my severed testicles… No wait, that would be way worse.

So I’d there a server + local system? Like Joplin… You can write notes all day with no server at all. The server just Synchronizes it all. In the past I used syncthing and I will continue using it. One thought was to have an automated backup from Vaultgarden that was automatically synced to my various devices as a Keypass database.

  • captcha_incorrect@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    8 hours ago

    I use KeePassXC + Strongbox (iOS) and sync it with Syncthing. I have a server always running so if I save a change on my computer, it will always be synced to the server. I use an iPhone 13 so I have to use möbius sync and it is not perfect, I have to manually open the app to make sure it syncs (something iOS background usage something). I also have an old Android phone that also syncs my kbdx file. You could have a RPI Zero (or any other kind computer) as a cheep backup solution just for Syncthing.

  • ExLisper@lemmy.curiana.net
    link
    fedilink
    English
    arrow-up
    2
    ·
    8 hours ago

    I tried some keypass tools and immediately went back to Vaultwarden. Bitwarden clients work offline until you have to sync, no risks here, but the user experience is way way better. It’s easier to add new accounts, search for them, store additional data like addresses or credit cards and fill them out automatically. I can imagine using keePass for some password I have to access once a week but not for everyday use in my browser and on mobile.

  • vapeloki@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    10 hours ago

    Pass. Uses pgp for encrypting your password and git for storing them.

    Has mobile apps, browser plugins, desktop frontend and a bunch of cool plugins like rotation helpers

  • Matt The Horwood@lemmy.horwood.cloud
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    15 hours ago

    You all need to get on vaultwarden, the small self host bitwarden. I move to that after my keypass db got out of sync on my nextcloud for the second time that day, I’ve not looked back.

  • curbstickle@anarchist.nexusM
    link
    fedilink
    English
    arrow-up
    11
    ·
    24 hours ago

    That would just be keepass, which is what I use.

    Keepass has native support for ftp, http, https, and webdav, and with a plugin supports scp, sftp, and ftps through the native save/open from url. There are even plugins for proton drive, google drive, onedrive, s3, box, dropbox… etc.

    What else do you need/what do you need a fork for?

    • Lka1988@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      7
      ·
      23 hours ago

      Keepass has native support for ftp, http, https, and webdav, and with a plugin supports scp, sftp, and ftps through the native save/open from url. There are even plugins for proton drive, google drive, onedrive, s3, box, dropbox… etc.

      Important distinction: The OG KeePass desktop program supports that. KeePass XC (popular fork for Linux users, which includes OP) does not, and the maintainers have loudly rejected any attempts to add it.

      It’s the only reason I still run the OG KeePass on my work laptop; webdav is the only way I can access my password database within the restrictions of my employer’s policies. I would prefer to run XC.

      • GreyEyedGhost@piefed.ca
        link
        fedilink
        English
        arrow-up
        3
        ·
        16 hours ago

        While you’re correct, you can merge databases with KeePassXC, which just means the method of syncing is separate. So you could have a shared folder using one of those methods you mentioned to sync and just merge it in regularly. Certainly not as simple, but does solve the problem.

  • frongt@lemmy.zip
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    1
    ·
    24 hours ago

    Vaultwarden?

    You can write notes all day with no server at all. The server just Synchronizes it all.

    Yes, that’s exactly how it works right now. Clients will keep a local copy of the database, so even if the server goes away for a while, you can still use it.

    But you had the backup, you restored it, everything worked properly. I’m not sure what the issue is here.

    • zikzak025@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      ·
      edit-2
      9 hours ago

      Just don’t count on the current Bitwarden client being compatible with Vaultwarden forever. Bitwarden’s new CEO is pushing to make more profit wherever possible, and recently rescinded the statement from the company’s website that the client would be free forever.

      They’ll never be able to walk back the open source nature of the product, but they can choose to make their client incompatible with Vaultwarden and push for the centrally hosted option as the only option.

      Not sure if anyone’s forked the Bitwarden client yet, but that’s how I’d start using Vaultwarden if the option exists.

      Or, you know, skip the headache and just start using Keepass.

    • altphoto@lemmy.todayOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      23 hours ago

      I just feel uneasy about not knowing exactly where the database is and how to keep it safe. I thought that database just went poof if you logged out.

      • frongt@lemmy.zip
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        22 hours ago

        It’s on your server, and whenever you keep your backup. I don’t know if it keeps a local copy on your phone when you log out or not. Generally I just don’t log out.

  • Lka1988@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    6
    ·
    23 hours ago

    So I’d there a server + local system? Like Joplin… You can write notes all day with no server at all. The server just Synchronizes it all. In the past I used syncthing and I will continue using it. One thought was to have an automated backup from Vaultgarden that was automatically synced to my various devices as a Keypass database.

    This is exactly how I use KeePass, and is fully supported as well. Set it up, import the VW database (might need some fuckery to do so, I’ve not played with VW), place the KeePass database in a location that makes sense to you on your device, then sync that folder via Syncthing to your other devices.

    You’re using Linux, obviously, and the OG KeePass program was never written for Linux, so you’ll want a fork called KeePass XC. Unfortunately, the XC team doesn’t support plugins, but that should be a non-issue if you’re using Syncthing. Just point XC at the folder that’s being synced and you’re golden.

    What other platforms are you using? Android? iOS? Windows? There are many forks of KeePass available for every platform. they are all cross-compatible and can utilize the same database.

    I was lucky that somehow the database was available offline.

    That’s how BW/VW is supposed to work. It retains a local database that syncs with the main server.

    • curbstickle_lw@lemmy.worldM
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 hours ago

      OG KeePass program was never written for Linux

      It’ll run with mono, package is named keepass2 on deb, keepass on arch and fedora, among others.

      https://keepass.info/download.html

      Contributed/unofficial keepass section at the bottom, the top contributed section is a list of ports

    • mbirth 🇬🇧@lemmy.ml
      link
      fedilink
      English
      arrow-up
      5
      ·
      23 hours ago

      That’s what I settled for as well. Keeping my *.kdbx file in iCloud, doing nightly backups to my NAS, and using Strongbox as a client (there’s also KeePassium with similar features) - which beautifully integrates into Apple’s AutoFill API, so it feels native - i.e. as if you’re using Apple’s Passwords app. And I can access all passwords from Windows using KeePassXC as well.

  • MasterBlaster@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    20 hours ago

    Well, the approach I use is “synology Drive” and I replicate it down to all clients. Also, NAS 6 with regular offline backups on the server.

    Lacking an equivalent, there are multiple peer to peer replication tools. I used one to replicate Balder’s Gate III saves between gaming laptops.

    If you decide to build something, plz try to make it a pluggable feature to existing clients rather than fork one or more implementations.