cPasswords
cPasswords is a group password manager develop by the CRANS.
Client installation
- Add you GPG fingerprint and your SSH key to the cpassword server. For the CRANS, you can do this on the intranet.
- Clone the code,
git clone git@gitlab.crans.org:nounous/cranspasswords.git
, - Launch
pip3 install --user .
, - Make sure the install path (
~/.local/bin
) is in your$PATH
, - Try
cranspasswords test
to decrypt a test password.
Server installation
- Clone the code,
git clone git@gitlab.crans.org:nounous/cranspasswords.git
, - Launch
pip3 install --user .
, - Add a sudoers rule to enable users from
sudoers_group
to launch cpasswords,%sudoers_group ALL=(root) NOPASSWD: /usr/local/bin/cranspasswords-server
- Copy and adapt
docs/serverconfig.example.py
to/etc/cranspasswords/serverconfig.py
. - Create
/var/lib/cranspasswords/db/
with owner root and mod 700 (root only).
How to
Develop
With a Python virtualenv,
python3 -m venv venv
. venv/bin/activate
pip install -e .
Then you will be able to launch the client with cpasswords
or the server with cpasswords-server
.
Change command name
If you wish to rename the command from cranspasswords
to something
else, define COMMAND_NAME
environment variable before executing
pip install
during the installation of the client or server.
Import cPasswords
To import client.py
from another script, you may need to specify
where is his configuration :
export CRANSPASSWORDS_CLIENT_CONFIG_DIR=/path/to/config/dir/
Install completion
With bash, you can add to ~/.bashrc
:
source <this repo path>/docs/bash_completion
complete -F _cranspasswords_completion <command name>
Troubleshoutings
To troubleshot, you -vv
option to activate debug.
""“sudo: sorry, a password is required to run sudo”""
Check sudoers file on server side.