Bug#588526: ITP: cpm -- Console Password Manager
Package: wnpp Severity: wishlist Owner: Stig Sandbeck Mathisen * Package name: cpm Version : 0.25.~beta-2 Upstream Author : Kacper Wysocki , harr...@eml.cc * URL : http://github.com/comotion/cpm * License : GPLv2+ Programming Lang: C Description : Console Password Manager This program is a ncurses based console tool to manage passwords and store them public key encrypted in a file - even for more than one person. The encryption is handled via GnuPG so the programs data can be accessed via gpg as well, in case you want to have a look inside. The data is stored as zlib compressed XML so it's even possible to reuse the data for some other purpose. The software uses CDK (ncurses) to handle the user interface, libxml2 to store the information, the zlib library to compress the data and the library GpgMe to encrypt and decrypt the data securely. Note: This supersedes bug #55, which is the old ITP for cpm. I'll close both when uploading. -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100709105334.9035.52775.report...@fsck.linpro.no
Bug#588526: ITP: cpm -- Console Password Manager
[Stig Sandbeck Mathisen] > This program is a ncurses based console tool to manage passwords and > store them public key encrypted in a file - even for more than one > person. Why public key? That's useful if a certain class of people need to be able to write but not read the file, or vice versa. I can't figure out how that could be useful for a password manager. Aside from that, can it use or import password from 'pwsafe', 'gnome-keyring' or 'kwallet'? Is there a reason this app isn't just a frontend to one or more of those? -- Peter Samuelson | org-tld!p12n!peter | http://p12n.org/ -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100709145017.gb3...@p12n.org
Bug#588526: ITP: cpm -- Console Password Manager
Peter Samuelson writes: > Why public key? That's useful if a certain class of people need to be > able to write but not read the file, or vice versa. It's the other way around. Anyone with write access to the location to the cpm directory used will be able to encrypt (changes to) the keyring so it is readable by a number of GnuPG keys belonging to, for instance, a group of system administrators. If the same class of people hold the private keys as well as the read/write permissions for the cpm directory, you have a shared and hopefully secure storage for passwords. > I can't figure out how that could be useful for a password manager. It would be impolite to agree here. :) > Aside from that, can it use or import password from 'pwsafe', > 'gnome-keyring' or 'kwallet'? Through a wetware bridge, sure. > Is there a reason this app isn't just a frontend to one or more of > those? Possibly, but I won't speculate about that. You should ask the author. The reason for looking at "cpm" was because it filled a need not satisfied by 'pwsafe', 'gnome-keyring' or 'kwallet', which was "shared, console-based storage for secret information". -- Stig Sandbeck Mathisen -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/7xsk3rsg5n@fsck.linpro.no
Bug#588526: ITP: cpm -- Console Password Manager
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10-07-2010 08:57, Stig Sandbeck Mathisen wrote: [...] > The reason for looking at "cpm" was because it filled a need not > satisfied by 'pwsafe', 'gnome-keyring' or 'kwallet', which was "shared, > console-based storage for secret information". A few months ago I also found cpm as the best alternative to use inside a group of sysadmins, but I couldn't get the multi key setup to work, the rest was fine and it is indeed a nice tool. Besides that, upstream seems to be unresponsive, he never replied to my emails offering to upload an updated version of cpm and cdk, I couldn't find any recent development and 0.25 is attached in a Debian bug report. Please, if you can, upload a backport once it hit testing. Kind regards, - -- Felipe Augusto van de Wiel (faw) Debian. Freedom to code. Code to freedom! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkw6wMMACgkQCjAO0JDlykZ3rQCeLQ0P5/iezKHpqoR2DphmSQJO wTgAn1vTEhrXDJ9yff0QEM0aWBaSU8uu =u8Uo -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4c3ac0c5.6020...@funlabs.org