GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → yousefvand → secret-service

yousefvand / secret-service

Licence: MIT license
Service to keep secrets of applications

Programming Languages

go
31211 projects - #10 most used programming language
shell
77523 projects
Roff
2310 projects

Labels

linuxcredentialskdearchlinuxpasswordkeyringmanjarosecret-service

Projects that are alternatives of or similar to secret-service

Autodesk-Fusion-360-for-Linux
This is a project, where I give you a way to use Autodesk Fusion 360 on Linux!
Stars: ✭ 810 (+1346.43%)
Mutual labels:  archlinux, manjaro
MIF
Файлик M.I.F. от проекта @plafonlinux
Stars: ✭ 41 (-26.79%)
Mutual labels:  kde, manjaro
toolbox
Collection of terminal applications for Manjaro and Arch based Systems (Bash TUI)
Stars: ✭ 12 (-78.57%)
Mutual labels:  archlinux, manjaro
pacman.store
Pacman Mirror via IPFS for ArchLinux, Endeavouros and Manjaro
Stars: ✭ 65 (+16.07%)
Mutual labels:  archlinux, manjaro
Upash
🔒Unified API for password hashing algorithms
Stars: ✭ 484 (+764.29%)
Mutual labels:  credentials, password
SOLIDWORKS-for-Linux
This is a project, where I give you a way to use SOLIDWORKS on Linux!
Stars: ✭ 122 (+117.86%)
Mutual labels:  archlinux, manjaro
archlinuxcn-dotfiles-collection
来自社区小伙伴们的 dotfiles 集锦
Stars: ✭ 73 (+30.36%)
Mutual labels:  kde, archlinux
scripts
Collection of useful scripts for Linux (git, docker, LUKS, Archlinux...)
Stars: ✭ 36 (-35.71%)
Mutual labels:  archlinux, manjaro
Buttercup Core
🎩 The mighty NodeJS password vault
Stars: ✭ 340 (+507.14%)
Mutual labels:  credentials, password
IMAPLoginTester
A simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.
Stars: ✭ 47 (-16.07%)
Mutual labels:  credentials, password
vault-token-helper
@hashicorp Vault Token Helper for macOS, Linux and Windows with support for secure token storage and multiple Vault servers 🔐
Stars: ✭ 74 (+32.14%)
Mutual labels:  credentials, keyring
Dllpasswordfilterimplant
DLL Password Filter Implant with Exfiltration Capabilities
Stars: ✭ 107 (+91.07%)
Mutual labels:  credentials, password
Swifty
🔑 Free Offline Password Manager
Stars: ✭ 496 (+785.71%)
Mutual labels:  credentials, password
manjarno
Why you shouldn't use Manjaro
Stars: ✭ 96 (+71.43%)
Mutual labels:  archlinux, manjaro
paclabel
A tiny pacman wrapper that makes possible to attach labels to packages.
Stars: ✭ 16 (-71.43%)
Mutual labels:  archlinux
secrets
Simple Secret Sharing Service for social and decentralised management of passwords
Stars: ✭ 30 (-46.43%)
Mutual labels:  password
dotfiles
Salonia Matteo's dotfiles (GNU/Linux configuration)
Stars: ✭ 19 (-66.07%)
Mutual labels:  archlinux
WiFi-View
在 Android 设备上快速查看与管理保存的 WiFi 密码
Stars: ✭ 15 (-73.21%)
Mutual labels:  password
secrets
Useful to get input on noecho, secrets, passwords, token, hints
Stars: ✭ 13 (-76.79%)
Mutual labels:  password
Industrial-Security-Auditing-Framework
ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.
Stars: ✭ 43 (-23.21%)
Mutual labels:  credentials
View All Similar Projects ➔

Secret Service

GitHub release GitHub license GitHub stars GitHub issues GitHub issues

Implementation of Secret Service API

logo

What does this project do?

By using secret service, you don't need to use KeePassXC secretservice for storing and retrieving you applications credentials anymore, or login every time to Skype, vscode sync, Remmina...

Installation

  • Archlinux: There is an AUR package named secret-service.
  • Debian: TODO deb package
  • RedHat: TODO rpm package

Manual Installation

There is a scripts/manage.sh shellscript that do the job of install/uninstall (run it by ./scripts/manage.sh) but here are the details:

You need to copy the binaries (secretserviced and secretservice, build the project or download it from releases page) some where usually /usr/bin but if you don't have the permission, ~/.local/bin is OK too. To build the binaries from source code:

git clone https://github.com/yousefvand/secret-service.git
cd secret-service
go build -race -o secretserviced cmd/app/secretserviced/main.go
go build -race -o secretservice cmd/app/secretservice/main.go

You need a systemd UNIT file named secretserviced.service to put in /etc/systemd/user but if you don't have the permission ~/.config/systemd/user is OK too. Here is a sample UNIT file, change WorkingDirectory and ExecStart according to where you put the binary (secretserviced):

[Unit]
Description=Service to keep secrets of applications
Documentation=https://github.com/yousefvand/secret-service

[Install]
WantedBy=default.target

[Service]
Type=simple
RestartSec=30
Restart=always
Environment="MASTERPASSWORD=01234567890123456789012345678912"
WorkingDirectory=/usr/bin/
ExecStart=/usr/bin/secretserviced

CAUTION: MASTERPASSWORD is very important, don't loose it. scripts/manage.sh would generate a random 32 character password automatically. If you don't use the scripts/manage.sh shellscript, it is up to you to set the password and it should be EXACTLY 32 characters length.

Now start the service:

sudo systemctl daemon-reload
systemctl enable --now --user secretserviced.service

and you can stop the service by:

systemctl disable --now --user secretserviced.service

to see the status of service:

systemctl status --user secretserviced.service

All secret-service stuff (database, logs...) are stored under: ~/.secret-service.

By default all secrets are encrypted with AES-CBC-256 symmetric algorithm with MASTERPASSWORD. If you wish to switch between encrypted/unencrypted database you need to follow these steps:

  1. Stop service: systemctl stop --user secretserviced.service
  2. Change config encryption key (located at: ~/.secret-service/secretserviced/config.yaml)
  3. If you are changing to encryption: true make sure MASTERPASSWORD is set.
  4. Delete database (located at: ~/.secret-service/secretserviced/db.json)
  5. Start service: systemctl start --user secretserviced.service

If service refuses to start and you see OS exit code 5 in logs, it means som other application has taken dbus name org.freedesktop.secrets before (such as keyrings), stop that application and try again.

secretservice

This binary is the CLI interface to communicate with secretserviced daemon. Supported commands:

ping

secretservice ping

Check if service is up and responsive.

export db

secretservice export db

Export a copy of current db in ~/.secret-service/secretserviced/. This copy is not encrypted.

encrypt

secretservice encrypt -p|--password 32character-password -i|--input /path/to/input/file/ -o|--output /path/to/output/file/

Encrypts input file using given password. Password should be exactly 32 character. Example:

secretservice encrypt -p 012345678901234567890123456789ab -i ~/a.json -o ~/b.json

decrypt

secretservice decrypt -p|--password 32character-password -i|--input /path/to/input/file/ -o|--output /path/to/output/file/

Decrypts input file using given password. Password should be exactly 32 character. Example:

secretservice decrypt -p 012345678901234567890123456789ab -i ~/a.json -o ~/b.json

Contribution

This project is in its infancy and as it is my first golang project there are many design and code problems. I do appreciate suggestions and PRs. If you can get done any item from TODO list, you are welcome. This list will be updated based on new insights and user issues.

In case of sending a PR please make sure:

  1. You are addressing just one issue per PR.
  2. Completely describe the problem and your solution in plain English.
  3. Don't send your PRs to main branch, create a new branch based on your changes and make sure all tests are passed.
  4. If any new test is needed based on your PR, please write the test as well.

TODO

  • Improve CI

  • What's the best way to secure /etc/systemd/user/secretserviced.service file

  • deb, rpm, AppImage packages

  • ...

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].