Linux password manager that also works under Windows / OS X

by on May 11, 2006 · 21 comments· LAST UPDATED July 30, 2007

in , ,

Too many passwords to remember? Do you forget passwords? Do you keep passwords written down? Writing down password is a bad idea. I cannot remember more than a handful of passwords. So what is the solution to password?

Use personal password manager to store all passwords in a securely encrypted file. This file is protected by a single master password. At the end of day you need to remember only one password. Here is list of free and open source software:

  1. Password Safe - Password Safe is an Open Source (free) tool that allows you to have a different password for all the different programs and websites. It only works on Microsoft Windows.
  2. KeePass - The free, open-source, light-weight and easy-to-use password manager that runs on Microsoft Windows. AES and Twofish are most secure encryption algorithms currently known and used in this software. Only drawback - does not runs on Linux or Mac OS X. It runs on Windows, Mac OS X and Linux
  3. Password Gorilla - A Tcl/TK PasswordSafe clone that runs on Microsoft Windows, Mac OS X, and most flavors of Unix, including Linux and Solaris (note that it requires Tcl/TK to run).
  4. pwsafe - It is a unix commandline program that manages encrypted password databases. Good for remote access over ssh.
  5. Use gpg command, which is encryption and signing tool.
  6. You can also use KDE wallet manager
  7. Revelation is a password manager for the GNOME 2 desktop.

gpass for Gnome

GPass is a simple GNOME application, released under the GNU GPL licence, that lets you manage a collection of passwords. The password collection is stored in an encrypted file, protected by a master-password.

Use apt-get command to install gpass:
$ sudo apt-get install gpass
The password manager for GNOME2

Make sure you backup ~/.gpass directory.

revelation - GNOME2 Password manager

Use apt-get command to install revelation:
$ sudo apt-get install revelation
Start revelation from menus or type:
$ revelation &

pwmanager - Password Manager for KDE

With PwManager you can easily manage your passwords. PwManager saves your passwords blowfish-encrypted in one file, so you have to remember only one master-password instead of all. Instead of the master-password you can use a chipcard, so you don’t have to remember a password to access the list. To install pwmanager for KDE type:
$ sudo apt-get install kde-pwmanager
Start pwmanager from K menu or type:
$ pwmanager &

Password Gorilla

My personal favorite is Password Gorilla as it can be used to store any logins and passwords. Retrieve them by either sending them to the Clipboard.

Password Gorilla installation

Download it from http://www.fpx.de/fp/Software/Gorilla/download/gorilla-1.3.zip

# cd /opt/
# wget http://www.fpx.de/fp/Software/Gorilla/download/gorilla-1.3.zip

Install two tcl modules:
# apt-get install itcl3 bwidget
Configure Password Gorilla:

# cd /opt
# mkdir gorilla
# cd gorilla
# unzip ../gorilla-1.3.zip
# ./configure

Run Password Gorilla:

$ ./gorilla &

You will get a dial box asking password and database name. Since this is first run, you need to cancel dialog box. Click on menu File > New to create a new database and a password, If you lost master password there is no way you can get back your login information. So keep password database file at safe place.

Password Gorilla - personal password manager

See also:

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 21 comments… read them below or add one }

1 Marc May 11, 2006 at 3:10 pm

You’re forgetting a masterpiece :

Revelation

http://codepoet.no/revelation/

Reply

2 LinuxTitli May 11, 2006 at 4:38 pm

Marc, thanks just added your suggestion :)

Appreciate your post.

Reply

3 Xaprb May 11, 2006 at 5:29 pm

And FPM — Figaro’s Password Manager. I actually prefer it to Revelation.

Reply

4 mahmood alalimi December 26, 2006 at 7:27 pm

i have problem to open decrypt files in my windows XP also i have forgot my password so please help me to open the said above files

Waiting for your help

Regards

Mahmood Alalimi

Reply

5 borrel June 3, 2011 at 7:41 am

re: mahmood alalimi

game over, you not have the hardware to do this (aka a computing cluster/super computer)

Reply

6 John B January 2, 2007 at 6:23 am

Your guide was very helpful. I got stuck trying to figure out how to get the correct TCL file extensions and the apt-get with appropriate file nams got me going in just a couple of minutes :) Thanks

BTW, I use this cross platform now and keep the database and all the Linux files as well as a WinXP EXE on amemory stick. I can load up up any of my Linux or Win machines. Just have to make sure on the Linux machines you code apt-get install itcl3 bwidget first and then it runs OK.

Reply

7 matthias May 9, 2007 at 6:44 pm

Nice overview.

I can recommended KeePass(X) – it runs fine on Windows, Linux and Mac OS X Boxes. You can also run it on various mobile phones which makes it perfect for sysadmins :)

Reply

8 nicolas July 30, 2007 at 1:14 pm

hi, i ve followed your guide on installing password gorilla and unfortunatelly i can only run it as a sudo user…..

any ideas?

thanks in advance,
nicolas

Reply

9 nixCraft July 30, 2007 at 9:29 pm

nicolas
Look for executable permission:

ls -l /path/to/file

Reply

10 nicolas August 3, 2007 at 6:19 pm

man, sorry i didn’t answer later…i didn’t believe anyone would reply

I looked the executable permissions….

i did this chmod -R 777 gorilla i don’t think this is the right way to do it. also now the programm doesn’t remember my last choice {in picking a database…}

i don’t know why it doesn’t work, one year earlier i had installed password gorilla in ubuntu 6.10 with not much trouble….

any further help will be deeply apreciated…

Reply

11 Nigel August 15, 2007 at 7:14 am

I use password gorilla very good. Just put it in ~/bin {/home/user/bin]
the site where it comes from it has all the instructions.

Reply

12 TAHA October 30, 2007 at 9:25 pm

HI.
LOVI.JOIN GPASS OK

Reply

13 Fitzgerald December 8, 2008 at 11:45 am

My all-time favorite is KisKis (Keep It Secret! Keep It Safe!).

This is a Java application and runs on any platform.
It encrypts the data with PGP (you can use standalone pgp to decrypt).

I has some pretty cool features, for example creating a hierarchy for accounts and adding attachments.

I have it on my USB stick and I trust it with all my passwords (also personal stuff).

Reply

14 Martin Tsachev February 12, 2009 at 10:38 am

What about something that has remote capabilities. I.e. all data is stored on the linux box but can be accessed via network from OS X w/o the use of Transmit. Anyone seen or uses something like this?

Reply

15 Carl Parrish April 14, 2009 at 5:21 pm

I just use jungle disk to store my Revelation database though I may have to move to Password Gorilla for windows support

Reply

16 Rob April 19, 2009 at 3:28 am

What I’d like to find is not just something that happens to be available in Linux AND Windows VERSIONS, but genuinely WORKS on Linux and Windows, WITHOUT different versions (e.g. maybe using Java).

In particular, I’d like it to work directly from a USB drive, regardless of where I take it, AND also have some kind of OTP (one-time password) capability, as well.

Do any of the existing applications even come CLOSE to that? If so, to which PARTS of that?

Reply

17 Jacques July 2, 2009 at 6:01 pm

FWIW, I use vim with gpg to automagically edit an encryped text file, with the following macro (put it in your ~/.vimrc),

http://vim.wikia.com/wiki/Edit_gpg_encrypted_files

Then I just use a bash alias like this,

alias edpass=’vim ~/data/passwds.gpg’

Reply

18 Dan August 10, 2009 at 9:32 pm

Excellent article. Mainly use Ubuntu, but have Windows 7 and a OSX system that I use every once in a while. Already used Password Gorilla, and very satisfied with it. Just had to install PG to them, now everything is safe and useable.

Reply

19 opit October 23, 2009 at 12:53 pm

I actually don’t know if it’s a Linux app.
I have a Firefox Add On that I’ve been using for a few weeks just because running from computer to computer makes passwords such a kludge. : especially since I have several pages in a binder devoted to tracking them. Admittedly, online storage scares many but I don’t use business apps on my surfing computer anyway – which runs Ubuntu 9.04
Look for LastPass 1.51.2 : it generates and stores passwords and you can use it wherever you go ( just don’t forget your master password! )

Reply

20 opit October 23, 2009 at 1:11 pm

Curious. The blurb states passwords are kept on my computer – not online.
https://lastpass.com/

Reply

21 João R. Matos December 27, 2010 at 7:33 pm

Curious. The blurb states passwords are kept on my computer – not online.
https://lastpass.com/

lastpass stores the password database in an encrypted form.
All operations on this database are made on the client side.
This ensures they can’t decrypt it without knowing your master password.

The client programs (including the website javascript) also cache the password database, so that you can keep using it if you lose connectivity.

It’s pretty much the same as using any of the other programs and keeping the password database on dropbox.

Its client software is not Free Software and they heavily rely on “cloud” storage, so I can’t bring myself to recommend it.

http://lastpass.com/whylastpass_technology.php

Reply

Leave a Comment

Tagged as: , , , , , , ,

Previous post:

Next post: