Thursday, 11 August 2011

Using KeePassX on Multiple Machines

One of the problems of having multiple PCs is that of keeping data synchronized. For instance, over recent weeks, keeping three password databases up-to-date has become rather irksome!

There's no ideal solution to this inconvenience, but a single database, accessible by every (authorised) machine on your network, does seem to be the best option. Fortunately, establishing a centralized data source using KeePassX as your password manager and a network attached storage device (nas) turns out to be rather simple. The only fly in the ointment is that the Linux version of KeePassX doesn't natively support samba so you have to mount your network drive, either manually (if you access your passwords only infrequently) or automatically at boot (if your make more frequent use of your password manager), in order for KeePassX to read the data source. Either way, the process is straightforward:

  1. Copy your database to your network drive. Don't export your data - copy the existing .kdb database. Exporting your data creates either a .xml or a plain text file, neither of which is encrypted and therefore readable by anyone who can access the directory.
  2. Follow these instructions to create your new mountpoint and Windows share on each machine that requires access to the data source.
  3. After testing your share (sudo mount -a), open your database using the KeePassX interface (File, Open Database...) and, after entering your password, add the path to your KeePassX bookmarks (File, Bookmarks, Add Bookmark).

Now you should delete (or, better still, archive) your local file in order to ensure that you only work on a single database. The advantage is that you will always have a current database regardless of the machine you happen to be using. Moreover, the first user to open the database locks the data preventing write conflicts. However, there are a couple of potential problems:

  • Unless you have a VPN link to your NAS, you can only access your database from inside your network (i.e. if you're on the road, you won't be able to access your data unless you have a copy on a portable drive).
  • You'll need to make provision for backing-up your database.

Notwithstanding these two minor issues, managing your database this way solves the problem of syncing data across multiple machines.

Sources & References:

1 comment:

  1. Ubuntu method also worked on Mageia 2 after adding user to sudoers. Thanks