What is it?It is a graphical interface to manage the usage of passwords related to servers or services, grouped by customers (plateforms, etc.) The purpose is to provide system and network administrators a convenient tool to manage a passwords knowledge base related to customers, servers, services... It can help to retrieve passwords, or even connect to servers (ssh, telnet, ftp...) Unix, C compiler, GTK+ libraries are required in addition to gnupg. Passwords must be kept in a gnupg crypted file. The structure of the file is predefined, but very easy to edit and maintain. The gtk application can switch between a discret applet and a full list of containers.
What is needed?
- C compiler
- GTK+ libraries (gtkpasman v>0.9 need versions 2.x)
- gnupg (pgp should work)
Where does it come from?gtkpasman was a project based on gpasman (project of Olivier Sessink) The RC2 crypted method has been replaced by calls to gnupg. The encryption is now external to the application. As the 'Eye view' and its menus have been removed, the application is now completely distinct.
How does it work?Typical use:
- Edit a password file (see format below)
- crypt the password file with your gpg key:
gpg --encrypt --no-encrypt-to --recipient YOURKEYID gpasman4.sample
- remove uncrypted file
- launch gtkpasman:
- you can have the password copied in the paste buffer. (Convenient if you just want to enter it in an HTTP, ldap, or any kind of authentication)
- launching xterm-like program of your choice; just point a server or a user on a service in the list, and you are connected, paste password with middle-clic or paste shortcut and you are in.
- alternately, you can just launch an xterm, if you use ssh keys and do not need to enter passwords for some servers. gtkpasman just helps you to group servers by customers in this case
- when multiple selection is made, gtkpasman tries to launch a specific command for ssh targets, so that you can use multiplexers programs like cluster-ssh (cssh) on your selection.
There is also a search field to find out a server/group/customer in the list.
The password file should contain one line per password; The format of a line in the encrypted file must be the same as the following:
- ";" is the separator
- spaces at start and end are allowed
- empty fields are allowed
- no separator is required for the last field (password)
- field names are in order:
customer, group, server, service, serviceplus, user, password
A sample file: gpasman4.txtThis file would give a represented tree like this :
+customer1 +Group 1 | +srvA | | +ssh | | +root2 | +srvB | +ssh | +root +Group 2 +srvC +ssh +root +customer2 +Group 1 +srvD +ssh +root +acc +customer3 +Group A +srvE | +ssh | +port 322 | +root +srvF +ssh +port 322 +root