No description
Find a file
Wiktor Kwapisiewicz 3d5dd65e30 Display TOTP code if entry contains OTP secret
TOTP is calculated on display and on copy to clipboard from secret
embedded in entry (either in password or in extra) and the current time.
2017-11-19 11:14:45 +01:00
app Display TOTP code if entry contains OTP secret 2017-11-19 11:14:45 +01:00
contrib/oisafe2pstore oisafe2pstore.hs: script to migrate from OI Safe 2016-07-23 15:51:37 +03:00
gradle/wrapper update gradle, support versions and target versions 2017-10-30 22:37:40 +01:00
.gitignore Added Eclipse Integration 2014-09-21 15:36:23 +02:00
.gitmodules remove openpgp submodule 2015-05-12 22:33:46 +02:00
.travis.yml update travis 2017-11-19 11:10:37 +01:00
build.gradle update kotlin version and add google maven for gradle 2017-11-03 13:57:15 +01:00
gradlew initial commit 2014-07-24 01:15:11 +01:00
gradlew.bat initial commit 2014-07-24 01:15:11 +01:00
irc_badge.png use png rather than svg 2014-12-14 16:25:17 +01:00
LICENSE.txt added license 2014-08-10 14:03:54 +01:00
README.md remove attribution for the icon 2017-11-19 10:08:04 +01:00
settings.gradle update of libs and version bump 2015-08-03 00:03:37 +02:00
tutorial_clone_ssh_then_decrypt.gif modified the figures slightly 2014-09-14 13:30:26 +02:00

PwdStore

IRC Gitter Android Arsenal Build Status

Donations: Flattr this git repo or bitcoin at 1H1Z1NPTrR5Cej9bKV3Hu4f5WJZYtkbpox

This application tries to be 100% compatible with pass

You can install the application from:

Pull requests are more than welcome (see TODO).

How-To

See the wiki https://github.com/zeapo/Android-Password-Store/wiki/First-time-setup for a newer written version of the following gif walkthrough

FAQ

  • Q: What kind of repository can I clone from?
  • A: Make sure to only clone from bare repositories (see git-clone(1) for how to create a bare repository from an existing one). Otherwise the clone will fail.
  • Q: I get a "Permission Denied" error when trying to import my ssh-key, why?
  • A: ssh-key files are usually created with permissions set to 600, meaning that only the creator of this key has the right to read from it. The application needs a read access, at least temporarily, make the permissions to 644, import the key, then set them back to 600.
  • Q: I tried to use APG and it does not work... why?
  • A: We only support OpenKeychain.
  • Q I get the error No encrypted data with known secret key found in stream
  • A In OpenKeyChain (under the left drawer) Apps > Password Store > Accounts > (select the account) > Account key select the key used to encrypt your passwords.

Community

A few ways to get in touch:

  • Github issues, use it if you have a bug report, you do not understand how somehting works or feature request
  • reddit, want to discuss something and it's midnight, no one on irc and you really want to write more than a couple of lines? reddit is your way!

TODO

  • Implement a keyboard to replace the copy/paste and avoid clipboard hijicking (see #50) (Autofill does the job)
  • Create a new category
  • Multiple password stores (multiple git repositories).
  • Solve issues labeld as enhancement (see enhancement issues)

Generate a ssh key for your git repo

###From the application###

  • Go to settings > Generate SSH key pair
  • Select the key size (length)
  • Set the passphrase (optional) and a comment (optional)
  • Press Generate
  • Press Copy to copy the public key and add it to your ssh server

###From a terminal###

  • Generate the private and public key
ssh-keygen -C droid_phone -b 2048 -t rsa -f /tmp/id_rsa_droid
  • Copy the public key /tmp/id_rsa_droid.pub on your ssh server and add in to the ~/.ssh/authorized_keys file
cat id_rsa_droid.pub >> ~/.ssh/authorized_keys
  • Copy the private key /tmp/id_rsa_droidto your phone and import it in your Android-Password_Store app through the settings

Export your gpg private key

  • Get your pass script gpg id(s) ie: cat ~/.password-store/.gpg-id
  • You can also get a full ids list using gpg -k
  • Export your private key with
gpg --export-secret-key [the_id] > keys.asc
  • Import it in OpenKeychain

Clone using SSH-key, then decrypt a password

Clone And Decrypt

Features

  • Clone an existing pass repository (ssh-key and user/pass support)
  • List the passwords
  • Handle the directories as categories
  • Decrypt the password files (first line is the password, the rest is extra data)
  • Add a new password to the current category (or no category if added at the root)
  • Pull and Push changes to the remote repository
  • Ability to change remote repository info

Libraries

This project uses three libraries:

  • OpenKeyChain for encryption and decryption of passwords. To download the library, run the following commands at the root of the project

      git submodule init
      git submodule update
    
  • JGit a pretty good git lib

  • Apache's FileUtils for files manipulations