Skip to main content

Storage for passwords, encrypted with GPG

Project description

Keybox is a secure store for keys, passwords and other secrets.

There is Python API (import keybox), a runnable package (python3 -m keybox) and wrapper script (keybox, created by setuptools).

Keybox is completely offline. All secrets stay safe in local file. Nothing is sent anywhere, unless you explicitly set up network synchronization using some other tool.

Features:

  • Data encrypted using strong encryption (GPG file)
  • Simple tab-delimited file format
  • Shell-like text user interface

Security:

  • Master password is saved in memory for as long as the program runs.
  • Neither the password nor decrypted data are ever written to disk.

Portability:

  • The script should run on any system with Python3 and GPG installed.
  • Requires no installation. You can bring your keybox with you anywhere.
  • Can be contained in single Python file (see Static Distribution bellow)

Dependencies:

  • POSIX OS
  • GPG
  • Python 3.4 or later

Installation

Install Python package together with keybox script:

python3 setup.py install

The package can be run directly, without installation:

python3 -m keybox

Dependencies:

/usr/share/dict/words (for pwgen, provided by ``wamerican`` on Debian)

Getting Started

Run the program, type master password. New keybox file will be created.

You are now in the shell. The basic workflow is as follows:

  • add some passwords
  • list the records
  • select a record
  • print the password
  • quit

See help for list of all commands.

Password Generator

Bundled password generator can be called from command line (keybox pwgen) or internally from shell. Try <tab> when asked for password (add command).

Pwgen is based on system word list usually found in /usr/share/dict/words. By default, it makes password from two concatenated words, one uppercase letter, one digit and one punctuation character.

This gives around 50 bits of entropy on my system. [1]

[1]http://en.wikipedia.org/wiki/Password_strength

Static Distribution

Call make zipapp to create [2] file containing all sources. Zipapp file is written to dist directory and is directly executable by Python.

The make target uses zipapp module which is available since Python 3.5. When created, the zipapp archive is executable by older interpreters (Python 3.4).

[2]https://docs.python.org/3.5/library/zipapp.html#the-python-zip-application-archive-format

Development

Run tests:

make test

Show test code coverage:

make htmlcov
https://travis-ci.org/rbrich/keybox.svg?branch=master

Project details


Release history Release notifications

This version

0.2

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for keybox, version 0.2
Filename, size File type Python version Upload date Hashes
Filename, size keybox-0.2-py3-none-any.whl (20.1 kB) File type Wheel Python version py3 Upload date Hashes View hashes
Filename, size keybox-0.2.tar.gz (16.6 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page