Password Manager Daemon is a server that provides a way for applications to securely store and retrieve data at a centralized location. The data is stored in an XML file and clients connect and send commands to manipulate the data. Some of the features include: * Multi-threaded. More than one client may access the data at the same time. * Optional data file encryption with a configurable cipher. * A key cache so clients won't need to enter a key each time a file is opened or saved. * Key retrieval via pinentry(1). * Local Unix Domain Socket connections which can safely be accessed remotely over an SSH channel when using libpwmd(3). * Configuration file which supports file specific settings including: encryption iterations, cache expiration and encryption key or key file and more. * Compressed data file support. * Logging to file and/or syslog. * Secure memory usage. PWMD will zero out memory before freeing it and also has the option to lock the entire process in RAM to avoid swapping the data to virtual memory. I needed this because I use a few applications that require the same credentials but hate having to update all those configuration files to reflect any changes. This way, there is a central location for the needed data. Requirements: ------------- C99 compiler - http://www.gnu.org/software/gcc Is a good choice. libpth2 - http://www.gnu.org/software/pth/pth.html Portable multi-threading library. libgpg-error - http://www.gnupg.org Error handling. glib2 - http://www.gtk.org Portability library among other things. libxml2 - http://xmlsoft.org For XML parsing and data manipulation. libgcrypt - http://www.gnupg.org Encryption, decryption and hashing. libz - http://www.zlib.net For compressing the data file. Version 1.2.2.1 or later is required. pinentry - http://www.gnupg.org/aegypten There are various interfaces for password entry: console/curses, X11/GTK2, X11/QT. The X11 versions also support console/curses. Version 0.7.5 or later is required unless --disable-pinentry is passed to ./configure. cracklib2 - http://sourceforge.net/projects/cracklib If --enable-quality is passed to ./configure then a password quality meter is used with pinentry. Optional. libacl - ftp://acl.bestbits.at To retain an ACL for a data file. Optional. Installation: ------------- ./configure && make install If the build succeeded run 'pwmd'. This will start the server and wait for connections to ~/.pwmd/socket. Connecting: ----------- Any program that can connect to a UNIX domain socket will work: socat UNIX-CONNECT:$HOME/.pwmd/socket - echo command | pwmc filename Libpwmd is a library making it easy for applications to use pwmd. There is also a command line pwmd client "pwmc" included. You can find it at the pwmd homepage. There are also some patches already written (some could use improvement) for a few apps too. Read COMMANDS for protocol commands and syntax. GIT Repository -------------- There is a public GIT repository available at repo.or.cz. Anonymous checkouts can be done by: git clone git://repo.or.cz/pwmd.git The gitweb interface can be viewed at http://repo.or.cz/w/pwmd.git. Please feel free to send me any patches, bug reports or feature requests. Ben Kibbey <bjk@luxsci.net> Jabber: bjk AT thiessen DOT org - (bjk) FreeNode/OFTC http://bjk.sourceforge.net/pwmd/