Welcome to the Dash Forum!

Please sign up to discuss the most innovative cryptocurrency!

KeePass Integration

Discussion in 'Miscellaneous Dash Guides' started by freynder, Jan 17, 2015.

  1. freynder

    freynder New Member

    Joined:
    Dec 5, 2014
    Messages:
    30
    Likes Received:
    63
    Trophy Points:
    18
    As of v0.11.0, Darkcoin Core client offers KeePass integration. This guide will show you how to configure the association between Darkcoin and KeePass and how to save a Darkcoin wallet passphrase entry in KeePass through the integration. When this is done, KeePass can be used to unlock the wallet.

    There is also a video (no sound) of this available here:


    You will need the following:

    The following keepass RPC commands are available in the Darkcoin client console or server:
    • keepass genkey: Generates a base64 encoded 256 bit AES key that can be used for the communication with KeePassHttp. This is only necessary for manual configuration. Use init for automatic configuration.
    • keepass init: Sets up the association between Darkcoin and KeePass by generating an AES key and sending an association message to KeePassHttp. This will trigger KeePass to ask for an Id for the association. Returns the association and the base64 encoded string for the AES key.
    • keepass setpassphrase : Updates the passphrase in KeePassHttp to a new value. This should match the passphrase you intend to use for the wallet. Please note that the standard RPC commands walletpassphrasechange and the wallet encrption from the QT GUI already send the updates to KeePassHttp, so this is only necessary for manual manipulation of the password.
    The following new options are available for darkcoind and darkcoin-qt:
    Code:
    -keepass               Use KeePass 2 integration using KeePassHttp plugin (default: 0)
    -keepassport=<port>    Connect to KeePassHttp on port <port> (default: 19455)
    -keepasskey=<key>      KeePassHttp key for AES encrypted communication with KeePass
    -keepassid=<name>      KeePassHttp id for the established association
    -keepassname=<name>    Name to construct url for KeePass entry that stores the wallet passphrase
    keepass option is not necessary during configuration, but is necessary to retrieve the password from keepass.

    Example scenario:
    • Existing encrypted wallet
    • current wallet passphrase: 1BWi2OXyk76uWumxJQy4
    Step 1: Configure the association
    • Start KeePass2
    • Open existing database or create a new one:
      [​IMG]
    • Start the darkcoin-qt client
    • Open console: Help -> Debug Window -> Console:
      [​IMG]
    • Type: keepass init
    • KeePass will ask for a "Key name" for the association. Choose a relevant name, e.g.: testwalletassociation
      [​IMG]
    • Return to the darkcoin-qt console. The console will show the new key:
      [​IMG]
    • Edit your darkcoin.conf file with the information provided. You may freely choose a value for keepassname. This will be used to name the entry for the wallet passphrase in KeePass.
      Code:
      keepass=1
      keepasskey=MSb+JLygqz7ZH40SyJ1QR62iOOIXoa3tmT8SMGGI2K0=
      keepassid=testwalletassociation
      keepassname=testwallet
      
    • Close the darkcoin-qt client
    Step 2: Setup wallet passphrase entry in the KeePass database

    • Make sure KeePass2 is running
    • Start the darkcoin-qt client
    • Open console: Help -> Debug Window -> Console:
      [​IMG]
    • Type: keepass setpassphrase <passphrase> (replace <passphrase> with your actual wallet passphrase):
      [​IMG]
    • A new entry should appear in KeePass with the name you specified in the keepassname configuration variable:
      [​IMG]
    • Save the KeePass2 database
    At this point the configuration is complete. You set up the association and stored the wallet passphrase in KeePass2.

    You can now use KeePass to manage and provide your wallet passphrase. To do this, simply use "keepass" (without the quotes) as passphrase when needed. The integration is active in the GUI (Unlock Wallet, Change Passphrase) as well as the RPC commands (walletpassphrase, walletpassphrasechange, masternode).

    Small example for unlocking the wallet from the console:
    [​IMG]
     
    #1 freynder, Jan 17, 2015
    Last edited by a moderator: Jan 19, 2015
    • Like Like x 6
  2. jpr

    jpr Active Member

    Joined:
    May 11, 2014
    Messages:
    494
    Likes Received:
    393
    Trophy Points:
    133
    Hi
    I understand that my keepass has to be running while using this and the workspace cannot be locked?
    I use keepass everyday, it's like the tool I would not be able to live without :) I just do ctrl+c in keepass and ctrl+v in wallet console when I need to use the password.
    Does this not weaken my security anyhow?
     
    • Like Like x 1
  3. freynder

    freynder New Member

    Joined:
    Dec 5, 2014
    Messages:
    30
    Likes Received:
    63
    Trophy Points:
    18
    Hi. The workspace can be locked if you like, KeePassHttp will ask to unlock it when it needs to retrieve the passphrase.
    I definitely agree on how essential KeePass is :)
    I don't think it necessarily weakens security. It basically replaces the copy paste mechanism you currently use with a direct communication. The communication is encrypted as opposed to the clipboard buffer which could be monitored if your computer would be compromised. Also, no more need to type the password in plain text in the console which could be monitored by a trojan as well.
     
    • Like Like x 3
  4. tungfa

    tungfa Administrator
    Dash Core Team Foundation Member Masternode Owner/Operator Moderator

    Joined:
    Apr 9, 2014
    Messages:
    8,779
    Likes Received:
    6,672
    Trophy Points:
    1,283
    Well done !
    This above is amazing,
    i am using keepass every day and love it !
    to have them integrated into DRK Wallets is really good !

    the video is great, but sure sound would definitely help !
    onetime yidakee
    any chance ether of you could look into a voiceover here ??
    Guides and everything is available !
    ;)
     
    • Like Like x 2
  5. fernando

    fernando Powered by Dash
    Dash Core Team Foundation Member Moderator

    Joined:
    May 9, 2014
    Messages:
    1,528
    Likes Received:
    2,057
    Trophy Points:
    283
    As others here, I could not live without Keepass, so I will definitely try this. Thanks for the guide, it is super useful. I agree with tungfa about the voiceover. Talking while doing sometimes feels weird and not all us have clear voices (I know I don't!), but there are a few guys around who could do great with it.
     
    • Like Like x 1
  6. UdjinM6

    UdjinM6 Official Dash Dev
    Dash Core Team Moderator

    Joined:
    May 20, 2014
    Messages:
    3,633
    Likes Received:
    3,537
    Trophy Points:
    1,183
    Nice job! In case no one noted - freynder just added keepass integration setup video guide to the OP! :)
     
  7. Propulsion

    Propulsion The buck stops here.

    Joined:
    Feb 26, 2014
    Messages:
    1,008
    Likes Received:
    467
    Trophy Points:
    183
    Dash Address:
    XerHCGryyfZttUc6mnuRY3FNJzU1Jm9u5L
    Hey freynder very cool! So let's say I want to change the passphrase after this is associated. I would just edit the entry in keepass and change the passphrase through the debug window or console of the daemon?
     
  8. freynder

    freynder New Member

    Joined:
    Dec 5, 2014
    Messages:
    30
    Likes Received:
    63
    Trophy Points:
    18
    Hi Propulsion,
    When you change the passphrase in the darkcoin client, and keepass integration is activated, it will try to automically update the entry in KeePass through the integration. The video shows this at the end using the console but it should work from the GUI as well. No information should be lost as KeePass will ask confirmation to update the passphrase and also keeps a history of the account.
    If for some reason, the update did not happen, you can always set it yourself by manually updating KeePass as you indicated, or by using the "keepass setpassphrase" command.
     
    • Like Like x 2
  9. Bitroad

    Bitroad New Member

    Joined:
    Jan 28, 2015
    Messages:
    7
    Likes Received:
    26
    Trophy Points:
    13
    Very helpful and detailed guide. Thanks
     

Share This Page