A self-hosted, single-user password manager. Deployable locally and to popular cloud platforms.
mitchell 347fbe7268 Change all key generation to use PBKDF2;
change all internal encryption back to cbc mode;
add hidden command to convert from gcm to cbc internally
2019-07-08 20:45:01 -04:00
Name | Last commit | Date
--- | --- | ---
cli | Change all key generation to use PBKDF2; | 2019-07-08 20:45:01 -04:00
cmd | Swapped AES-CBC for GCM for all symmetric encryption; bolstered TLS configs | 2019-06-07 02:03:15 -07:00
credentials | Change all key generation to use PBKDF2; | 2019-07-08 20:45:01 -04:00
crypto | Change all key generation to use PBKDF2; | 2019-07-08 20:45:01 -04:00
.gitignore | Update list and get commands to use better choosing strategy; | 2019-06-01 13:32:11 -07:00
Dockerfile | Refactored Docker and Make files; increased command context timeouts; | 2019-05-29 23:32:56 -07:00
LICENSE | Add README.md and LICENSE | 2019-06-02 15:34:45 -07:00
Makefile | Refactor Stringer implementations and scp root cmd init function | 2019-06-29 21:17:22 -07:00
README.md | Added update command; refactored duplicated code for selecting a credential | 2019-06-16 04:02:49 -07:00
docker-compose.prod.yml | Added redis.conf and Makefile commands to assist in machine setup | 2019-06-01 19:42:46 -07:00
docker-compose.yml | Added redis.conf and Makefile commands to assist in machine setup | 2019-06-01 19:42:46 -07:00
gen_certs_go.sh | Implemented all but update from cli client to server; | 2019-05-27 18:16:50 -07:00
go.mod | Change all key generation to use PBKDF2; | 2019-07-08 20:45:01 -04:00
go.sum | Change all key generation to use PBKDF2; | 2019-07-08 20:45:01 -04:00
redis.conf | Added redis.conf and Makefile commands to assist in machine setup | 2019-06-01 19:42:46 -07:00

README.md

selfpass

This is the project home of selfpass, the self-hosted password manager. This project is intended to be a single-user (or trusted multi-user) password manager capable of encrypting/decrypting credentials and storing them remotely over an encrypted transport, all of which is deployable locally or to popular cloud platforms such as GCP and AWS.

It is still in development. However, the service is already capable of serving a gRPC-based API using mutual TLS encryption, backed by Redis and Docker. It can also be deployed in a semi-automated fashion locally and to GCP thanks to Docker.

In addition to the service, there is spc (selfpass CLI), a fully fledged selfpass client capable of interacting with the whole selfpass API and creating AES-GCM encrypted credentials using a private key and master password, all of which is done using mutual TLS and an AES-GCM encrypted config.

Service Roadmap

Goal | Progress | Comment
--- | --- | ---
Support credentials CRUD on gRPC API. | 100% |
Enable server-side mutual TLS, using cfssl. | 100% |
Deployable on Docker. | 100% |
Automatically deployable to GCP using docker-machine and Terraform. | 50% | TODO: Terraform
Automatically deployable to AWS using docker-machine and Terraform. | 0% |

SPC Roadmap

Goal | Progress | Comment
--- | --- | ---
Support credentials CRUD via gRPC. | 100% |
Support mutual TLS. | 100% |
Support storage of certs, PK, and host in AES-CBC encrypted config. | 100% |
Support AES-GCM encryption of passes and OTP secrets, using MP and PK. | 100% |
Support AES-GCM encryption of local files, using MP and PK. | 100% |

Unplanned Goals

  • Web client.
  • Sensitive financial info support.
  • Miscellaneous text/file encryption and storage support.
  • Vault separation.

3rd-party Technologies in Use (and where):

  • Golang (all)
  • Go-Kit (all)
  • gRPC (all)
  • Cobra Commander & Viper Config (spc)
  • Redis (service)
  • Docker (service)
  • Debian (docker images and machines)