Feature #15297

Replace KeePassX with KeePassXC

Added by dachary over 1 year ago. Updated 6 months ago.

Status: Resolved
Priority: Normal
Assignee: -
Category: -
Target version:
Start date: 01/05/2019
Due date:
% Done: 100%
Feature Branch: hefee/feature/15297-keepassxc
Type of work: Code
Blueprint:
Starter:
Affected tool: Password Manager

Description

KeePassXC is a fork of KeePassX packaged for Debian GNU/Linux.

It is more actively maintained than KeePassX and could be a sane replacement.

What do you think?

tails-amd64-hefee_feature_15297-keepassxc-3.12-20190105T2138Z-3fc38399c0.buildlog (1.08 MB) lamby, 01/06/2019 08:49 AM

2019-01-06_09-50.png (31.7 KB) lamby, 01/06/2019 08:52 AM

2019-01-06_09-50_1.png (46.1 KB) lamby, 01/06/2019 08:52 AM

2019-01-06_09-52.png (11.4 KB) lamby, 01/06/2019 08:52 AM


Related issues

Duplicated by Tails - Feature #15439: KeePassXC password manager Duplicate 03/22/2018
Blocks Tails - Feature #15182: Drop Qt4 on Buster Resolved 01/05/2019
Blocks Tails - Feature #16284: Update doc for KeePassXC Confirmed 01/05/2019

Associated revisions

Revision 3fc38399 (diff)
Added by Sandro Knauß 6 months ago

Remove KeePassX and replace it with KeePassXC. (refs: #15297)

As KeePassX was used around for a longer time, we don't need automatic
upgrading capability from old KeePass file format (Tails 2 times).
The user can still import those old files, if they want to access it.

Revision 92b4ef1c
Added by intrigeri 6 months ago

Merge remote-tracking branch 'origin/hefee/feature/15297-keepassxc' into feature/buster

Fix-committed: #15297

Revision 6c249eaa (diff)
Added by Sandro Knauß 6 months ago

Add KeePassXC to favorites. (refs: #15297)

We had KeePassX in favorites and missed adding it again after
switching to KeePassXC.

History

#1 Updated by intrigeri over 1 year ago

  • Subject changed from replace KeePassX with KeePassXC to Replace KeePassX with KeePassXC
  • Status changed from New to Confirmed
  • Target version set to Tails_4.0
  • Parent task set to #15182
  • Type of work changed from Debian to Research

We'll probably have to do that in Tails 4.0 in order to drop Qt4 (#15182).

#2 Updated by intrigeri over 1 year ago

KeePassX 2.1 will support Qt5 but that's been in upstream Git for 2.5 years and not released yet. So:

  • if KeePassX 2.1 is in Buster: we'll need to decide purely based on other factors, e.g. UX and cost/benefit of the migration (doc update, possibly migrating data & persistence config, changing users' habits), integration with the rest of the system and so on
  • if KeePassX in Buster does not support Qt5: we'll need to decide based on the aforementioned factors + the benefits of dropping Qt4 from the ISO + the advantages of shipping a Qt5 password manager (e.g. better accessibility IIRC but I didn't try recently)

#3 Updated by intrigeri over 1 year ago

  • Subject changed from Replace KeePassX with KeePassXC to Consider replacing KeePassX with KeePassXC
  • Affected tool set to Password Manager

#4 Updated by jvoisin over 1 year ago

We might want to wait a bit for its codebase to stabilize a bit before considering a move, to avoid issues like bringing down the WiFi or corrupting password databases.

#5 Updated by intrigeri over 1 year ago

> bringing down the WiFi

FTR this one is caused by a Qt bug and only affects OS X. But regardless, we'll want to disable favicon fetching if we switch to KeePassXC. And even disallow network access to KeePassXC once AppArmor supports this in Linux mainline.

> or corrupting password databases.

That one is caused by a bug in a beta version of Qt so IMO it is no indication of KeePassXC's codebase maturity.

#6 Updated by sajolida over 1 year ago

I talked to several people at IFF who were really enthusiastic about KeePassXC as a new active replacement of KeePassX. Two cool features were mentioned to me: diceware passphrase (original code by @micahflee) and two-factor authentication seeding.

#7 Updated by intrigeri over 1 year ago

#8 Updated by micahflee 11 months ago

I would love for Tails to switch from KeePassX to KeePassXC. The main reason is KeePassX is a completely abandoned project now, and KeePassXC includes all the same features as well as several new genuinely useful features.

One of these is a Diceware passphrase generator instead of just a random character password generator. (I actually developed the Diceware generator for KeePassX and made a pull request, but because KeePassX is a dead project it got ignored. The KeePassXC project ultimately merged my feature into their project and have since improved the usability.) Another awesome feature is supporting requiring a Yubikey for challenge/response to unlock your passwords.

Also, both of the cited KeePassXC issues above are now closed, btw.

#9 Updated by intrigeri 11 months ago

Any suggestion wrt. how to handle a pre-existing persistent KeePassX database? More specifically:

  • does KeePassXC use the same directory to store its data?
  • does KeePassXC automatically import (and if needed, convert) data from KeePassX? if not, is there a way for users to do this manually via a GUI?

#10 Updated by micahflee 11 months ago

KeePassX and KeePassXC both have (I believe) config files in separate folders. But they deal with the .kdbx password databases in the same way, and they use the exact same format. So it should be simple, you can just load your old KeePassX database in KeePassXC and it will "just work".

#11 Updated by intrigeri 11 months ago

> KeePassX and KeePassXC both have (I believe) config files in separate folders. But they deal with the .kdbx password databases in the same way, and they use the exact same format. So it should be simple, you can just load your old KeePassX database in KeePassXC and it will "just work".

OK. It would be sweet if someone particularly interested in this proposal figured out a nice way to handle this automatically on upgrades. Starting points:

  • The Git history of config/chroot_local-includes/usr/local/sbin/live-persist has examples of how to migrate persistence settings (to deal with the new directory name).
  • config/chroot_local-includes/usr/local/bin/keepassx is a wrapper that handled KeePassX 1.x → 2.x migration.
  • We need a KeePassXC config file that achieves the same as config/chroot_local-includes/etc/skel/.config/keepassx/keepassx2.ini wrt. making data loss hard and initial config easy, i.e. when saving the DB for the first time, a standard filename in the standard persistent directory is pre-selected.

#12 Updated by intrigeri 10 months ago

  • Parent task deleted (#15182)

#13 Updated by intrigeri 10 months ago

#14 Updated by hefee 6 months ago

  • Assignee set to hefee

#15 Updated by hefee 6 months ago

A good starting point:
https://tails.boum.org/doc/encryption_and_privacy/manage_passwords/index.en.html

and this would need to be updated if switching to KeePassXC.

#16 Updated by hefee 6 months ago

intrigeri wrote:

> • The Git history of config/chroot_local-includes/usr/local/sbin/live-persist has examples of how to migrate persistence settings (to deal with the new directory name).
> • config/chroot_local-includes/usr/local/bin/keepassx is a wrapper that handled KeePassX 1.x → 2.x migration.

So far the file format hasn't changed, so we don't have to update the files themselves. I see no need to rename the file to keepassxc.kdbx. Maybe do a backup before starting keepassxc the first time, just in case?

> • We need a KeePassXC config file that achieves the same as config/chroot_local-includes/etc/skel/.config/keepassx/keepassx2.ini wrt. making data loss hard and initial config easy, i.e. when saving the DB for the first time, a standard filename in the standard persistent directory is pre-selected.

The config file is now keepassxc and we can achieve the same:
config/chroot_local-includes/etc/skel/.config/keepassxc/keepassxc.ini

#17 Updated by hefee 6 months ago

There is a new kdbx 4:

https://keepass.info/help/kb/kdbx_4.html

KeePassX and KeePassXC both support kdbx 3.1.

You need to update to this format by hand by switching Encryption Algorithm to "ChaCha20", and the Key Derivation Function to "Argon2":

https://keepassxc.org/docs/#faq-security-kdbx4
https://theorangeone.net/posts/keepassxc-2.3-migration/#kdbx4
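To see which existing databases are still KDBX 3.1 and which were switched by hand to KDBX 4, the unencrypted outer header can be read without the master password. The following is an added example, not part of this ticket or of Tails or KeePassXC code; the function names are hypothetical, and the magic numbers, field IDs and UUIDs are taken from the KDBX file format rather than from this page.

```python
import struct
SIG1, SIG2 = 0x9AA2D903, 0xB54BFB67            # KDBX magic numbers
CIPHERS = {"31c1f2e6bf714350be5805216afc5aff": "AES-256",
           "d6038a2b8b6f4cb5a524339a31dbb59a": "ChaCha20"}
KDFS = {"c9d9f39a628a4460bf740d08c18a4fea": "AES-KDF",
        "ef636ddf8c29444b91f7a9a403e30a0c": "Argon2d"}

def kdf_uuid(vdict):
    """Return the hex $UUID entry of a KDBX 4 KdfParameters dictionary."""
    pos = 2                                     # skip the 2-byte dictionary version
    while pos < len(vdict) and vdict[pos] != 0: # entry type 0 ends the dictionary
        (klen,) = struct.unpack_from("<I", vdict, pos + 1)
        (vlen,) = struct.unpack_from("<I", vdict, pos + 5 + klen)
        if vdict[pos + 5:pos + 5 + klen] == b"$UUID":
            return vdict[pos + 9 + klen:pos + 9 + klen + vlen].hex()
        pos += 9 + klen + vlen
    raise ValueError("KdfParameters has no $UUID entry")

def inspect_kdbx(data):
    """Parse the unencrypted outer header; no master password is needed."""
    if len(data) < 12:
        raise ValueError("too short for a KDBX header")
    sig1, sig2, minor, major = struct.unpack_from("<IIHH", data)
    if (sig1, sig2) != (SIG1, SIG2):
        raise ValueError("not a KDBX database")
    size = 4 if major >= 4 else 2               # KDBX 4 widened field lengths to 4 bytes
    # KDBX 3.x has no KDF field: it always uses AES-KDF
    info = {"version": f"{major}.{minor}", "cipher": None, "kdf": "AES-KDF" if major < 4 else None}
    pos = 12
    while pos + 1 + size <= len(data):
        fid = data[pos]
        length = int.from_bytes(data[pos + 1:pos + 1 + size], "little")
        value = data[pos + 1 + size:pos + 1 + size + length]
        if fid == 0:                            # end-of-header field
            return info
        if fid == 2:                            # CipherID, a 16-byte UUID
            info["cipher"] = CIPHERS.get(value.hex(), "other")
        elif fid == 11 and major >= 4:          # KdfParameters
            info["kdf"] = KDFS.get(kdf_uuid(value), "other")
        pos += 1 + size + length
    raise ValueError("header truncated before the end-of-header field")

def sample(major, minor, cipher, kdf=None):
    """Build constructed header bytes for the demo (not a real database)."""
    field = lambda fid, v: bytes([fid]) + len(v).to_bytes(4 if major >= 4 else 2, "little") + v
    out = struct.pack("<IIHH", SIG1, SIG2, minor, major) + field(2, bytes.fromhex(cipher))
    if kdf:
        out += field(11, b"\x00\x01\x42" + struct.pack("<I", 5) + b"$UUID"
                     + struct.pack("<I", 16) + bytes.fromhex(kdf) + b"\x00")
    return out + field(0, b"\r\n\r\n")
```

For a real file, pass the first few kilobytes read in binary mode to `inspect_kdbx`; a result with version `3.1` means the database has not been upgraded.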

#18 Updated by intrigeri 6 months ago

> So far the file format hasn't changed, so we don't have to update the files themselves.

Great!

> I see no need to rename the file to keepassxc.kdbx. Maybe do a backup before starting keepassxc the first time, just in case?

Good idea. And drop the migration code we had for Tails 2.x → 3.x.

> • We need a KeePassXC config file that achieves the same as config/chroot_local-includes/etc/skel/.config/keepassx/keepassx2.ini wrt. making data loss hard and initial config easy, i.e. when saving the DB for the first time, a standard filename in the standard persistent directory is pre-selected.
>
> The config file is now keepassxc and we can achieve the same:
> config/chroot_local-includes/etc/skel/.config/keepassxc/keepassxc.ini

Looks like we don't suggest making that file persistent so perhaps there's nothing more to do :)

#19 Updated by intrigeri 6 months ago

#20 Updated by Anonymous 6 months ago

  • Status changed from Confirmed to In Progress

#21 Updated by hefee 6 months ago

  • Assignee deleted (hefee)
  • % Done changed from 0 to 70
  • QA Check set to Ready for QA
  • Feature Branch set to hefee/feature/15297-keepassxc

I made a manual test to upgrade from a Tails 3.11 with KeePassX (at Persistent/keepassx.kdbx) to a Tails 3.11 with KeePassXC and a feature/buster build with KeePassXC. And every time I could directly start and use KeePassXC. So ready for QA.

#22 Updated by hefee 6 months ago

  • Subject changed from Consider replacing KeePassX with KeePassXC to Replacing KeePassX with KeePassXC

#23 Updated by hefee 6 months ago

  • Type of work changed from Research to Code

#24 Updated by lamby 6 months ago

  • Assignee set to lamby

Taking review...

#25 Updated by lamby 6 months ago

Testing this branch (attaching .buildlog)…

Great stuff. Appears to all work as expected, although it does allow /terrible/ master passwords (e.g. "q")

(See attached screenshots)

#26 Updated by hefee 6 months ago

  • Assignee changed from hefee to intrigeri

@intrigeri: please merge & commit, as I have no commit access.

#27 Updated by intrigeri 6 months ago

  • Status changed from In Progress to Fix committed
  • % Done changed from 70 to 100

#28 Updated by intrigeri 6 months ago

  • Assignee deleted (intrigeri)

Yeah, less Qt 4 cruft \o/

#29 Updated by Anonymous 6 months ago

  • Status changed from Fix committed to In Progress

#30 Updated by intrigeri 6 months ago

  • Subject changed from Replacing KeePassX with KeePassXC to Replace KeePassX with KeePassXC
  • Status changed from In Progress to Resolved
