Question about the KDE Wallet

The post somebody had about Wifi not working reminded me of a question I had about the installation. @ben79 said this:

I did the same when I installed, and then I was surprised that after the install, Wifi was already connected to my home network. However, in the Live CD, KDE asks a question about the wallet: should it use GPG or Blowfish, and what should the password be? Assuming this was just for the Live CD and nothing would be saved, I picked Blowfish with no password.

Did this configuration get copied to my install? I honestly haven’t seen that GPG or Blowfish dialog since the KDE 4 days :slight_smile: If so, maybe I should change my KDE Wallet password to match my login password…

Go to the wallet and click Change Password.

Yeah; I know how to do it. I just wonder if it’s necessary. I guess by your statement that answer is yes. :slight_smile:

1 Like

That is exactly what I do. And I leave it that way, but it should work just fine if you set a password.

Thanks; it did. I think it won’t, however, if you set the password to something different from your login password. This should probably be documented somewhere as a best practice, or maybe the wifi connection/wallet config should not be transferred as part of the install.

If one uses KDE/Plasma, keepassxc is one good way to keep up with passwords.

I recently bought a Yubico nano and I have been setting up accounts to work with it. I think my second one will arrive tomorrow, so I will have a backup. I intend to add keepassxc to use these devices. I have a USB port on the side of my keyboard and this is very convenient.

I have not decided where to stash the second one. Maybe one of the birdhouses.

Not only passwords, but you can also secure your SSH keys in keepassxc, as it can integrate with ssh-agent to add and remove your SSH keys when you unlock or lock your keepass database.

For anyone wondering how to do that, KeePassXC have a FAQ on the topic (Documentation and FAQ – KeePassXC) and also have a dedicated documentation section in their user guide about SSH Agent Integration and setting it up.

I have been using KeePassXC for this task for a number of years. Once set up and configured, it is seamless, with SSH keys being removed from ssh-agent when I lock my computer or database, and being re-added to ssh-agent again automatically when I unlock my KeePassXC database.

2 Likes

That’s really cool, and one of the things I keep meaning to get to. I have keepassxc, but just for storing browser passwords on my personal machine (which isn’t running OM yet). Since I have two machines I have to work with every day (work one runs OM), I use Syncthing to keep my ssh keys in sync and a symbolic link pointing ~/.ssh to the directory in the share.

Would I be able to use a shared keepassxc database, synced with Syncthing, to do this, rather than the symlink?

Probably, I have never done that so cannot advise on Syncthing usage with it.

KeePassXC does have a KeeShare feature [link to those docs].

There is also this Syncthing-specific question/discussion in the KeePassXC git that you may find useful: Syncing between devices - Question · keepassxreboot/keepassxc · Discussion #6690 · GitHub

In any case you could set up a demo/testing keepass database and test it out with that rather than risking your main DB until you know it is all working okay.

You can also use putty cac (GitHub - NoMoreFood/putty-cac: Windows Secure Shell Client With Support For Smart Cards, Certificates, & FIDO Keys) for ssh with smartcards. You can then use the putty pageant to use the smartcard certificate for login.

We used a shared keepass at work and just had it on a network share and it synced properly, so I guess it should work with Syncthing also. Only thing is that if you make changes on several machines and want to save it, never override it when asked, otherwise the newly added data gets overwritten.

Thanks, but I have no need for Windows anything. I haven’t used Windows at all since 2007 (when I switched jobs to an open source company that encourages Linux use), and it hasn’t been on any of my personal machines since about 1998, when I switched to the original Mandrake Linux.

That’s really nice to hear. Right now, I’m using Syncthing to sync it to my phone, but I only read it on my phone. I haven’t tried writing to it from two different places yet. It seems like it should be safe, because keepassxc times out and closes the database if you don’t use it for a few minutes.

I use a shared database from a location on my LAN to access it on different machines (where it is shared from is also further secured).

My setup in that regard sounds similar to what @mKay is describing with it being on a network share, all machines that I have it set up on can access it without causing any database issues using the file settings I have configured.

I have KeePassXC’s Basic Settings > File Management section configured in a way that makes a backup before saving any changes [as a basic safety precaution so that I have something to roll back to IF I ever need to, which I have not had to resort to using thus far, but it’s there for the day IF decides to arrive.].

I also have it set to Automatically reload the database when modified externally. IMO this is the crucial option to enable on all clients accessing the same database when you are sharing a database, as it ensures the database is reloaded on each client when the database gets modified. This avoids the potential situation, when clients are sharing a database, where a client may overwrite an updated database file with old data because that client has not reloaded the modified file before making any changes.

I do not know if your KeePassXC compatible phone software has the option to Automatically reload the database when modified externally like the desktop client does, as you never stated which software you are using on your phone. Anyway, if it does have such an option I would turn it on so that it mimics the desktop client behaviour in that way. :slightly_smiling_face:
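
Added example, not something posted in the thread: when the same file is changed on two machines, Syncthing keeps one version and saves the other next to it as a `.sync-conflict-` copy, so a shared KeePass folder can be checked for such copies before anything is overwritten. The function names and the file names used in testing are constructed for illustration.

```sh
#!/bin/sh
# Added example: report Syncthing conflict copies of KeePass databases.
# Syncthing names the losing version of a concurrently edited file
#   <name>.sync-conflict-<YYYYMMDD>-<HHMMSS>-<device>.<ext>
# Assumption: file names do not contain '|' or newlines.

# Print one line per conflict copy:
#   <original db>|<date>|<time>|<device>|<path of conflict copy>
list_kdbx_conflicts() {
    find "$1" -type f -name '*.sync-conflict-*.kdbx' | sort |
    while IFS= read -r f; do
        base=${f##*/}                      # strip directory
        orig=${base%%.sync-conflict-*}     # name before the conflict tag
        rest=${base#*.sync-conflict-}      # 20240105-101500-ABC1234.kdbx
        rest=${rest%.kdbx}
        day=${rest%%-*};   rest=${rest#*-}
        clock=${rest%%-*}; device=${rest#*-}
        printf '%s|%s|%s|%s|%s\n' "$orig.kdbx" "$day" "$clock" "$device" "$f"
    done
}

# Human-readable report; returns 1 when any conflict copy exists so the
# check can be used from cron or a login script.
audit_share() {
    found=$(list_kdbx_conflicts "$1")
    if [ -z "$found" ]; then
        echo "OK: no conflict copies under $1"
        return 0
    fi
    printf '%s\n' "$found" |
    while IFS='|' read -r db day clock device file; do
        echo "CONFLICT: $db also written by device $device on $day at $clock"
        echo "          copy kept as: $file"
    done
    count=$(printf '%s\n' "$found" | grep -c .)
    echo "$count conflict copy/copies: merge into the main database before deleting"
    return 1
}

# Run as: ./check-kdbx-conflicts.sh /path/to/syncthing/share
if [ "$#" -gt 0 ]; then
    audit_share "$1"
fi
```

A conflict copy holds the entries that one machine saved and the other did not see; KeePassXC's database merge can fold it back into the main file, after which the copy can be removed.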