Password Manager Daemon is a server that provides a way for applications to
securely store and retrieve data at a centralized location. The data is stored
in an XML file and clients connect and send commands to manipulate the data.
Some of the features include:
* Multi-threaded. More than one client may access the data at the same
time.
* Optional data file encryption with a configurable cipher.
* A key cache so clients won't need to enter a key each time a file is
opened or saved.
* Key retrieval via pinentry(1).
* Local Unix Domain Socket connections which can safely be accessed
remotely over an SSH channel when using libpwmd(3).
* Configuration file which supports file specific settings including:
encryption iterations, cache expiration and encryption key or key file
and more.
* Compressed data file support.
* Logging to file and/or syslog.
* Secure memory usage. PWMD will zero out memory before freeing it and
also has the option to lock the entire process in RAM to avoid swapping
the data to virtual memory.
I needed this because I use a few applications that require the same
credentials but hate having to update all those configuration files to reflect
any changes. This way, there is a central location for the needed data.
Requirements:
-------------
C99 compiler - http://www.gnu.org/software/gcc
Is a good choice.
libpth2 - http://www.gnu.org/software/pth/pth.html
Portable multi-threading library.
libgpg-error - http://www.gnupg.org
Error handling.
glib2 - http://www.gtk.org
Portability library among other things.
libxml2 - http://xmlsoft.org
For XML parsing and data manipulation.
libgcrypt - http://www.gnupg.org
Encryption, decryption and hashing.
libz - http://www.zlib.net
For compressing the data file. Version 1.2.2.1 or later is
required.
pinentry - http://www.gnupg.org/aegypten
There are various interfaces for password entry:
console/curses, X11/GTK2, X11/QT. The X11 versions also
support console/curses. Version 0.7.5 or later is required
unless --disable-pinentry is passed to ./configure.
cracklib2 - http://sourceforge.net/projects/cracklib
If --enable-quality is passed to ./configure then a
password quality meter is used with pinentry. Optional.
libacl - ftp://acl.bestbits.at
To retain an ACL for a data file. Optional.
Installation:
-------------
./configure && make install
If the build succeeded run 'pwmd'. This will start the server and wait for
connections to ~/.pwmd/socket.
Connecting:
-----------
Any program that can connect to a UNIX domain socket will work:
socat UNIX-CONNECT:$HOME/.pwmd/socket -
echo command | pwmc filename
Libpwmd is a library making it easy for applications to use pwmd. There is
also a command line pwmd client "pwmc" included. You can find it at the pwmd
homepage. There are also some patches already written (some could use
improvement) for a few apps too.
Read COMMANDS for protocol commands and syntax.
GIT Repository
--------------
There is a public GIT repository available at repo.or.cz. Anonymous checkouts
can be done by:
git clone git://repo.or.cz/pwmd.git
The gitweb interface can be viewed at http://repo.or.cz/w/pwmd.git.
Please feel free to send me any patches, bug reports or feature requests.
Ben Kibbey <bjk@luxsci.net>
Jabber: bjk AT thiessen DOT org - (bjk) FreeNode/OFTC
http://bjk.sourceforge.net/pwmd/
distrib
>
Fedora
>
14
>
x86_64
>
media
>
updates
>
by-pkgid
>
f7794aed8da06287bee6f6ac1ef501f6
>
files
>
6
